In  this,  the  fifth  installment  of  a  six-part  series,  we  showcase  how  wireless  fits 
into  your  new  data  center  architecture,  do-it-yourself  disaster  recovery  and  more. 
Supplement  begins  after  page  28. 
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State  IT  execs 
betting  on  VoIP 


■  BY  TIM  GREENE 

In  California,  there  might  be  a 
new  killer  app  for  VoIP:  balancing 
the  state  budget. 

A  top-to-bottom  look  at  spend¬ 
ing  called  the  California  Perfor¬ 
mance  Review  (CPR)  recom¬ 
mends  adopting  VoIP  across  state 
government  as  a  way  to  save  up 
to  $6.3  million  per  month  state¬ 
wide.  The  review,  by  a  panel  cre¬ 
ated  by  Gov.  Arnold  Schwarze¬ 
negger,  says  agencies  pay  any¬ 
where  between  $20  and  $117 
per  month  for  phone. 


In  their  effort  to  stretch  taxpayer 
dollars,  CPR  authors  are  latching 
on  to  just  one  of  the  benefits  of 
VoIP  —  cost  —  that  is  making  the 
technology  increasingly  popular 
among  state  IT  officials,  many  of 
whom  are  meeting  this  week  in 
Providence,  R.I.,  at  the  National 
Association  of  State  Telecom¬ 
munications  Directors  (NASTD) 
annual  conference.  Other  benefits 
include  support  for  advanced 
services,  simplifying  network 
architecture  and  backing  up 
existing  systems. 

See  NASTD,  page  81 


Colleges  cram  for  test 
of  new  security  plans 


BY  JOHN  COX 


Bushwhacked  last  fall 
by  computer  worms, 
network  managers  at 
U.S. colleges  have  taken 
steps  to  make  sure  it  won’t  hap¬ 
pen  again  next  month  when  the 
new  academic  year  begins. 

The  steps  include  embracing 
Microsoft’s  Windows  XP  Service 
Pack  2,  installing  new  intrusion- 
detection  software,  scanning 


■  Anti-virus  ven¬ 
dors  are  starting 
to  tackle  the 
security  ramifica¬ 
tions  of  spyware. 
Page  12. 


every  PC  that  tries  to 
connect  to  the  campus 
network,  and  working 
harder  to  convince  fac¬ 
ulty  and  students  that 
they  have  a  stake  in 
network  security 
But  the  steps  are  part  of  a  larger 
shift  in  network  security  aware¬ 
ness:  treating  every  client  as  a 
potential  threat  and  continuously 
monitoring  a  client’s  behavior 
See  Campus,  page  16 


Is  security  ripe 
for  outsourcing? 


■  BY  JENNIFER  MEARS 

Security  demands  for  online 
applications  such  as  e-commerce 
and  Web  services  are  prompting 
more  corporate  customers  to 
hand  off  security  functions  — 
such  as  intrusion  detection  and 
firewalls  —  to  outside  service 
providers. 

Users  are  finding  that  third-party 
security  service  providers  can 
also  help  augment  an  internal 
security  strategy  by  preparing 
reports  required  by  many  new 
government  regulations. 

As  a  result,  the  trend  toward  out¬ 
sourcing  security  functions, 
which  peaked  during  the  Internet 
boom,  is  slowly  angling  upward 


again  as  companies  discover  that 
handing  off  routine  security  activ¬ 
ities  enables  them  to  focus  inter¬ 
nal  security  expertise  in  more 
critical  areas.  However,  hurdles  re¬ 
main,  and  many  companies  still 


prefer  to  keep  such  sensitive  IT 
functions  in-house. 

“As  we’ve  seen  the  economy 
pick  up  over  the  past  six  or  eight 
months,  we’ve  seen  companies 
See  Outsource,  page  80 


A  Wider  Net 


Keeping  track  of  NASCAR 

The  technology  driving  telecasts  just  might  surprise  you. 


■  BY  JASON  MESERVE 

Fans  of  the  sport 
say  to  truly 
appreciate 
NASCAR  racing, you 
have  to  attend  an  event  in 
person  to  see  the  cars  whizzing 
and  feel  dozens  of  vehicles  revving  to  over 
9,000  rpm  as  they  throttle  up  to  the  green  flag 
at  the  start  of  the  race,  and  smell  the  burnt  rub¬ 
ber  from  a  spinout  or  a  tiresmoking  victory 
celebration.The  91,000-plus  fans  sitting  in  the 


stands  at  last  month’s  Nextel 
Cup  race  at  New  Hamp¬ 
shire  International 
Speedway  attest  to 
the  sensory  experi- 
of  big-time  auto 

"racing. 

the  on-site  crowd  probably  didn’t 
know  that  on  lap  21  Kasey  Kahne  got  his  red 
No.  9  car  up  to  157  mph  on  the  front  stretch 
before  slowing  down  to  a  more  leisurely  96 
mph  to  take  the  curve.  Or  that  Ricky  Rudd’s  21 

See  NASCAR,  page  14 


SHERRYL  CREEKMORE/N  ASCAR 


NAME 


Mr.  50%  Fewer 
Helpdesk  Calls 


ts-refeetf  Microsoft.  flHalk.  Stnn<.  Point  SOL  Server,  Windows,  the  Wind©-, 
Corporation  -Tithe  Untied  States'and,  or  other  countries  '1996  200-P  Sega 


logo  Windows  Server  Windows  Server  Syste 
imeWorks  L.L  C.  All  rights  reserved.  GanieWo 


n.and  "Your  potential  Our  passion  "  are  either 
IrsLRt-  is  a  registered  trademark  of  Seo^dMgi 


trademarks  or^rardern 


m  1  \  1 

id 

/  I 

•  *  F  1  / 

Jr  ’  ' 

^0F  T*  J  / 

/  / 

"So  much  of  the  infrastructure  management  is 
automated,  it  frees  us  up  to  build  the  foundation 
we  need  for  growth  and  expansion." 

Mike  Pettigrew 

Manager,  Technical  Services,  GameWorks 


Make  a  name  for  yourself  with  Windows  Server  System. 

Microsoft  Windows  Server  System  makes  infrastructure 
easier  to  manage  for  the  eight-person  IT  staff  at 
GameWorks,  a  high-tech  entertainment  and  restaurant 
chain.  Here's  how:  By  using  Windows  Server  2003,  they 
can  prevent  end  users  from  installing  unauthorized 
software,  and  make  it  easier  to  restore  lost  files.  This 
reduced  helpdesk  calls  by  50  percent,  and  gave  them 
more  time  to  focus  on  new  projects  and  manage 
their  growth.  Software  that’s  easier  to  manage  is 
software  that  helps  you  do  more  with  less.  Get  the 
full  GameWorks  story  at  microsoft.com/wssystem 
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Introducing  Sun  Fire  Servers  Powered  by  AMD  Opteron 


The  Solaris  Operating  System  and  Linux  are  up  to  45%  faster  than  comparable  32-bit  systems1 
servers  featuring  screaming  AMD  Opteron  processors. 

Add  the  Sun  Java  Enterprise  System  -  Sun’s  entire  infrastructure  portfolio  of  software  -  and  St 
experience  the  full  Sun  systems  advantage.  Engineered  to  deliver  extreme  performance  at  com* 

Purchase  a  subscription  to  the  Java  Enterprise  Developer  Promotion  by  September  30,  2004  and  get  a  free*  Sun  Fire  V20z  AMD 
Opteron-based  server.2  Sign  up  today  at  sun.com/jes. 
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1.  BASED  ON  TESTS  WITH  AMD  OPTERON  VS.  3.2  GHZ  XEON  RUNNING  LINUX,  AMD  OPTERON  RAN  45%  FASTER  ON  SPECWEB  99SSL  -  BASED  ON  PUBLISHED  DATA  FROM  WWW.SPEC.ORG  1/22/04.  FOR  SOLARIS,  OS  MICROBENCHMARKS  PERFORMED  AN  AVERAGE 
42'  -  FASTER  ON  AN  AMD  OPTERON  PROCESSOR  MODEL  246  (2.0  GHZ)  BASED  SYSTEM  COMPARED  TO  A  3.2  GHZ  XEON  SYSTEM  2  OFFER  VALID  IN  THE  U  S  AND  THROUGH  SUN  STORE  ONLY  PROMOTION  VALID  THROUGH  SEPTEMBER  30  2004  FOR  A  LIMITED 
TIME  ONLY,  GET  THE  JAVA  ENTERPRISE  DEVELOPER  PROMOTION.  A  VALUE  OF  OVER  US.  $7000,  FOR  ONLY  U  S.  $1499  PER  YEAR  FOR  A  3-YEAR  SUBSCRIPTION.  SEE  WEBSITE  FOR  DETAILS.  3.  PRICING  IS  U  S.  LIST  PRICE  ALL  PRICES  QUOTED  ARE  IN  U  S  DOLLARS 
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Face-Off 

Should  companies  outsource  their  e-mail 
security?  Dan  Nadir  of  FrontBridge  says 
yes,  but  Paul  Judge  of  CipherTrust  begs 
to  differ.  Page  59. 


The  need  for  mobility  marks  today’s 
most  strategic  businesses.  In  this, 
the  fifth  installment  of  a  six-part 
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■  81  Navigator  upgrade  could  attract  browser  converts. 
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Sourcefire's  RNA  provides  instant 
visibility  into  your  network.  Page  63. 
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The  Averatec  6200 
makes  it  easy  to  watch 
a  movie  or  listen  to 
a  CD. 

Page  58. 
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The  Oracle  Collaboration  Suite  is  a  comprehensive  set  of 
tools  to  help  companies  manage  information.  Page  65. 
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servers,  WiMax,  network  security  design  and  more.  Stream  the  sessions 
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series,  we  showcase  how  to  make 
wireless  a  part  of  your  new  data 
center  architecture. 

Coverage  begins 
after  page  28. 
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The  Wireless  Wizards 

Can  anyone  regulate  Wi-Fi? 

The  Wizards  help  a  reader  who  asks:  "What  happens  when  wire¬ 
less  networks  become  pervasive  to  the  point  where  there  is  so 
much  interference  that  networks  crowd  each  other?  Is  there  an 
authority  that  arbitrates/mediates  or  will  help  resolve  these  con¬ 
flicts  in  the  future?"  DocFinder:  3441 
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Election  season  plays,  Part  2 

Net.Worker  Managing  Editor  Toni  Kistner  looks  at  Sen.  Chris 
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Analyze,  support,  grow:  Part  2 
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identity  to  the  right  partners.  DocFinder  3443 

HomeBase 

Uncle,  can  you  spare  a  dime? 

Columnist  Steve  Ulfelder  says  don't  overlook  the  Small  Business 
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Network  World  Fusion  —  your  24-7  source  for  the  latest  solu¬ 
tions  and  strategies,  with  links,  resources  and  answers  you 
need.  Our  Webcasts  ace  highly  focused,  single-topic  briefings 
from  experts  in  technology.  DocFinder  2542 
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Survey:  Most  homes  now  have  broadband 

■  A  majority  of  U.S.  home  Internet  users  now  have  broadband, 
according  to  a  survey  by  NetRatings.  While  the  total  number  of 
home  Internet  users  has  reached  a  plateau  in  the  U.S.,  those  who 
do  use  the  Internet  are  adopting  broadband  at  a  rapid  pace, 
according  to  the  audience  measurement  company.  In  July  there 
were  an  estimated  63  million  broadband  users,  or  51%  of  all  home 
Internet  users,  compared  with  61.3  million  dial-up  users.  A  year 
earlier,  broadband  users  were  just  38%  of  all  home  Internet  users, 
at  about  42.8  million,  and  dial-up  users  were  62%.  Over  the  same 
period,  the  total  number  of  Americans  using  the  Internet  at  home 
grew  less  than  10%,  from  1 13  million  in  July  2003  to  124  million  in 
July  of  this  year. 

Lindows  puts  IPO  on  hold 

■  Lindows,  the  Linux-based  software  developer  best  known  for  its  legal  battles  with 
Microsoft,  has  indefinitely  shelved  its  plans  to  become  a  publicly  traded  company 
because  of  “current  adverse  market  conditions,"  it  announced  last  week.  Lindows  has 
not  withdrawn  its  registration  statement  with  the  Securities  and  Exchange  Commission 
and  hopes  to  proceed  with  the  IPO  once  market  conditions  and  public  company  valu¬ 
ations  improve,  the  company  said.  Founded  in  July  2001,  the  desktop  Linux  specialist 
shipped  its  first  product  in  January  2002  but  has  been  renowned  primarily  for  its  two- 
and-a-half-year  trademark  dispute  with  Microsoft  over  the  similarity  of  the  LindowsOS 
product  name  to  Windows.  In  July  Lindows  agreed  to  change  its  legal  name  to  Linspire 
by  Sept.  14  and  to  end  the  use  of  the  Lindows  name  in  its  products  in  exchange  for  $20 
million  from  Microsoft. 

MCI  embracing  IP  abroad 

■  MCI  next  year  will  convert  its  international  voice  trunking  to  IP  under  a  plan  it  says 
will  reduce  the  cost  of  running  its  networks  and  also  give  it  the  opportunity  to  offer  new 


■  Tf  Good  ie  Bad  ie Ugly 
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Fair  warning.  California  lawmakers  have  voted  to  require  the  state's 
employers  to  notify  workers  in  writing  if  the  company  is  monitoring  e-mail 
or  Web  surfing.  Employers  already  are  required  to  disclose 
if  they  are  listening  in  on  phone  calls.  Y  * 


S)  Phishing  at  work.  SAP  has  issued  a  warning  telling  customers  not 
to  provide  confidential  information  on  the  phone  to  people  claiming  to  be  company 
support  staff.  SAP  has  a  policy  never  to  request  confidential  information  from 
customers  over  the  phone.  More  companies  are  adopting  similar  policies  governing 
e-mail,  too. 


®  Fresh  meat  is  spoiling  faster.  An  unprotected  PC  tossed  on 
the  Internet  will  become  infected  by  a  worm  within  an  average  of  20  minutes,  down 
from  40  minutes  only  a  year  ago,  according  to  researchers  at  SANS. 


services.  According  to  the  company,  it  will  install  Ericsson  gear  at  MCI’s  international 
gateways  to  convert  traditional  TDM  voice  traffic  and  signaling  into  IP  for  transport 
abroad. The  gateways  also  will  serve  as  access  points  to  its  network  for  IP  traffic  from 
customers  and  other  carriers.  MCI  has  introduced  VoIP  to  its  netwoYk  gradually  adding 
VoIP  services  two  years  ago  and  voice-over-DSL  services  earlier  this  year.  VoIP  enables 
service  providers  to  run  a  single  network  for  voice  and  data  traffic,  making  their  network 
designs  and  operations  more  efficient.VoIP  also  enables  easier  integration  of  voice  and 
data  into  single  services  such  as  collaboration  and  unified  messaging.  MCI  says  it  is 
already  installing  the  gateways  that  will  start  carrying  customer  traffic  in  the  middle  of 
next  year. 

RFID  project  to  track  documents 

■  NEC  last  week  said  it  has  signed  a  contract  with  a  Japanese  bank  for  a  radio  fre¬ 
quency  identification-based  document  management  system.  NEC  said  the  system  is  the 
worlds  first  to  use  RFID  for  this  function, and  said  it  will  be  introduced  by  the  Bank  of 
Nagoya  next  April.  Bank  of  Nagoya  is  a  regional  bank  in  central  Japan.  Financial  details 
of  the  agreement  were  not  disclosed. 

The  system,  which  is  still  under  development,  will  use  omnidirectional  antennas 
attached  to  bookshelves  and  filing  cabinets  that  communicate  data  from  RFID  tags 
embedded  in  documents  to  a  software  system  that  offers  real-time  document  tracking, 
according  to  NEC.  The  system,  which  NEC  is  targeting  at  banks,  financial  institutions, 
libraries,  hospitals  and  other  institutions  that  store  sensitive  documents,  is  designed  to 
be  combined  with  other  security  systems  to  provide  comprehensive  and  detailed  doc¬ 
ument  protection. 
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»  Wanted:  Shakers  and  movers — those  who  not  only  think  outside  the  box,  but 
who  smash  it.  Juniper  Networks  helps  you  change  your  company  for  the  better. 
Installing  sophisticated  connectivity,  instilling  confidence.  So,  take  command  of 
your  network  with  increased  intelligence,  ensured  reliability  and  impenetrable 
security.  Juniper  your  net. 


Juniper  Networks  is  proud  to  transform  security  in  networking  through  our  addition  of  NetScreen  Technologies: 
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ortel  looks  to  enterprise  in  overhaul 

Company  relying  on  corporate  business  to  recover  from  financial  scandal. 


■  BY  JIM  DUFFY 

If  there  were  any  doubts 
about  Nortel’s  commitment  to 
the  enterprise,  they  should  be 
vanquished  now. 

Amid  the  layoffs,  executive  fir¬ 
ings  and  operational  consolida¬ 
tions  announced  by  Nortel  last 
week  was  a  strategic  emphasis  on 
its  enterprise  business  as  the 
company  looks  to  regain  finan¬ 
cial  footing  after  an  accounting 
scandal.  Enterprise  is  one  of  two 
Nortel  business  units  —  Carrier 
being  the  other  —  left  standing 
under  the  reorganization  plan. 

“We  remain  strong  in  the  enter¬ 
prise  business;  it’s  growing,”  says 


Nortel  CEO  Bill  Owens.  Enterprise 
products  accounted  for  more 
than  20%  of  the  company’s  rev¬ 
enue  each  of  the  past  two  quar¬ 
ters,  outpacing  two  of  what  had 
been  four  company  units  before 
the  reorganization. 

Nortel  also  is  gunning  for  the 
defense  and  government  mar¬ 
kets,  which  represent  tens  of  bil¬ 
lions  of  dollars  annually  in  the 
U.S.,  Owens  says. 

He  also  says  enterprise  opera¬ 
tions  were  spared  the  brunt  of  the 
3,500  layoffs  announced  last 
week,  which  represents  10%  of 
Nortel’s  workforce. 

The  renewed  emphasis  on  the 
corporate  world  comes  none  too 


soon  to  some.  Barring  such  a 
renewed  commitment,  invest¬ 
ment  firm  UBS  Warburg  suggest¬ 
ed  recently  that  Nortel  consider 
paring  down  or  even  selling  off  its 
enterprise  and  optical  units  to 
reach  profitability  targets.  Analyst 
Nikos  Theodosopoulos  says 
enterprise  and  optical  were  a 
“drag”  on  Nortel’s  profitability 

Also,  Nortel  is  a  distant  No.  2  to 
Cisco  in  enterprise  LAN  switching 
with  a  5.3%  share  of  the  $3.3  bil¬ 
lion  market  in  the  second  quarter, 
according  to  Synergy  Research. 

Nortel’s  LAN  switching  revenue 
dropped  10%  between  the  first 
and  second  quarters,  Synergy 
says.  Growth  in  the  company’s 


enterprise  business  has  been 
weaker  than  Nortel’s  competitors 
for  two  years,  according  to  UBS 
Warburg. 

Owens  says  Nortel  did  consider 
spinning  off  or  selling  its  enter¬ 
prise  business.  But  the  synergies 
between  enterprise  and  carrier, 
and  the  role  the  unit  plays  as  the 
“seedcorn”  for  Nortel’s  defense 
and  government  activity,  con¬ 
vinced  the  company  to  retain  it. 

“I  don’t  think  it  has  been  in  the 
natural  DNA  of  Nortel  to  be 
strongly  in  the  enterprise  busi¬ 
ness,”  Owens  admits  “It  hasn’t  had 
the  focus  and  the  direction  that  is 
natural  for  Nortel  to  have  with  its 
biggest  customers,  the  major  tel¬ 


CA  looks  to  reduce  ‘integration  tax’ 


The  Computer  Associates  plan 

The  company’s  network  and  systems  management  plans  face  several  challenges. 


Strategy 

Challenge 

Provide  an  integration  framework 
under  the  covers  and  across  all 
products. 

CA  needs  to  establish  a  clear  product  calendar  detailing  which 
software  will  be  upgraded  with  the  integration  technology  in  areas 
customers  most  need,  such  as  management,  security  and  storage. 

Attack  security  problems  with 
products  to  address  identity,  threat 
and  security  information  management. 

CA  has  to  either  combine  existing  products  or  develop  new  products 
that  can  proactively  detect  advanced  security  threats,  such  as 
spyware,  and  lock  down  networks  from  further  infection. 

Integrate  business-process  policies 
into  its  primarily  IT-management 
product  line. 

CA  must  prove  its  technology  background  can  translate  into  letting 
customers  identify  and  define  processes  and  translate  that  into 
management  software. 

v _ y 


■  BY  DENISE  DUBIE 

Jeff  Goldberg  uses  many 
Computer  Associates  Unicenter 
software  applications  to  manage 
the  network  at  Walter  Reed  Army 
facilities. With  each  CA  product, he 
says  he  has  to  tap  into  a  separate 
database  and  sometimes  hop 
from  console  to  console  to  com¬ 
pare  management  data  via  the 
administrator  interface. 

“At  the  very  least,  it’s  inefficient, 
but  it  could  also  be  causing  per¬ 
formance  and  back-up  issues,” 
says  Goldberg,  director  of  enter¬ 
prise  management  services  for 
Management  Solutions  &  Sys¬ 
tems,  a  systems  integrator  in  Capital  Heights, 
Md.,  in  charge  of  maintaining  management 
software  for  Walter  Reed,  in  Washington,  D.C. 
“CA  needs  to  integrate  its  products  more.  If 
certain  products  were  sharing  the  same  data¬ 
base,  it  would  make  it  easier  for  reporting 
and  back-up  purposes,”  he  says. 

Goldberg  is  the  kind  of  customer  CA  has 
in  mind  with  its  Management  Database, 
technology  the  company  detailed  at  a  brief¬ 
ing  last  week  and  which  is  expected  to 
emerge  in  CA  products  as  early  as  this 
year.Typically,  each  CA  product  has  its  own 
data  repository,  but  with  the  new  technol¬ 
ogy  users  will  have  the  option  to  use  a 
shared  database  or  maintain  a  separate 
database  for  each  CA  applications. 

CA  says  it  has  created  a  standard  interface 
for  its  software  that  customers  can  opt  to  use 
via  the  company’s  portal  software  for  multi¬ 
ple  products,  or  maintain  separate  consoles. 

"Integration  is  really  a  tax  on  IT  users. They 
pay  for  the  product,  but  then  have  to  pay 
more  arui  more  for  integration,”  says  Mark 
Barrenechea.  CAs  executive  vice  president  of 


product  development. 

CA  CTO  Yogesh  Gupta  says  by  sharing  data, 
CA  management,  security,  storage  and  appli¬ 
cation  life-cycle  products  also  can  interact  to 
automate  complex  IT  tasks  such  as  patch 
management.  He  says  CA  doesn’t  expect  cus¬ 
tomers  to  replace  everything  they  have  with 
new  CA  software,  but  they  might  want  to  reap 
the  added  benefits  of  integration. 

“If  the  software  that  tracks  your  assets  can 
use  that  asset  data  to  perform  vulnerability 
scans  and  patch  machines,  then  why  not  take 
advantage  of  the  capabilities  gained  by  shar¬ 
ing  data,”  Gupta  says. 

Industry  watchers  say  it  will  be  a  challenge 
for  CA  to  integrate  its  vast  product  line. 

“The  biggest  challenge  for  CA  is  to  identify 
where  it  makes  sense  to  integrate.  The  com¬ 
pany  needs  to  focus  on  what  customers  need 
now,” says  Stephen  Elliot, a  senior  analyst  with 
IDC. 

Competitors  such  as  HP  and  IBM  also  have 
announced  integration  plans:  HP  with  its 
OpenView  Management  Integration  Plat¬ 
form,  which  lets  management  systems  share 


data  via  Web  services;  and  IBM’s  Common 
Event  Infrastructure,  which  helps  Big  Blue 
better  integrate  and  correlate  events  from 
business,  application  and  IT  systems  on  one 
console. 

“All  of  these  product  lines  are  beginning  to 
hone  in  on  what  their  value  is  and  how  much 
more  they  can  do  if  they  actually  share  infor¬ 
mation,”  Elliot  says.  “The  management  ven¬ 
dors  realize  the  economy  has  changed  and 
there  is  a  trend  toward  tool  consolidation 
among  customers,  so  they  need  to  make  the 
case  for  using  their  products  stronger” 

In  Goldberg’s  case,  he’d  like  to  see  a  data¬ 
base  shared  among  products  such  as  Asset 
Management  and  Software  Delivery  because 
he  uses  Ihe  products  in  concert  to  upgrade 
applications  and  roll  out  patches.  But  he  says 
he  is  skeptical  about  all  CA  products  tapping 
the  same  data  resource. 

“There  is  too  much  of  an  element  of  putting 
all  your  eggs  in  one  basket  for  me,"  Goldberg 
says.  “It’s  just  too  easy  for  a  database  to 
become  corrupted.  I  wouldn’t  want  every¬ 
thing  tied  to  the  corrupt  data  source.’’H 


cos  of  the  world.  But  as  major  tel¬ 
cos  have  become  more  interest¬ 
ed  in  enterprise  and  bundled  IP 
solutions, so  have  we.” 

In  establishing  the  Enterprise 
and  Carrier  business  units,  Nortel 
consolidated  four  units  into  two. 
The  previous  ones  were  Wireline, 
Wireless,  Optical  and  Enterprise. 

Owens  says  the  streamlining 
reflects  market  realities.  “We’re 
all  heading  toward  a  converged 
solution,”  he  says.  The  reorgani¬ 
zation  also  will  result  in  a  more 
customer-attentive  structure 
dedicated  to  integrating  security 
into  the  converged  product  set, 
he  says. 

Analysts  say  the  industry  should 
take  note  of  Nortel’s  move. 

“The  reorganization  reflects  the 
convergence  of  fixed  and  mobile 
worlds  and  the  need  to  have  an 
organization  that  is  customer  and 
value-chain  facing,  rather  than 
split  by  traditional  product/mar¬ 
ket  segments,”  says  Bill  Lesieur, 
director  of  Technology  Business 
Research.  “[It]  will  drive  both 
organizational  change  within  the 
equipment  industry  and  structur¬ 
al  changes  in  the  industry  as  the 
competitive  environment  be¬ 
comes  driven  by  companies  that 
have  a  balance  of  integrated 
fixed  and  mobile  infrastructure 
solutions”  rather  than  dominating 
one  product  area  or  another. 

Nortel  estimates  the  reorganiza¬ 
tion  will  cost  $300  million  to  $400 
million  but  will  save  the  company 
$450  million  to  $500  million 
annually  including  reductions  in 
research  and  development 
spending  and  investments  in 
long-haul  optical  systems. 

Nortel  also  fired  seven  more 
executives  laSt  week  as  the  com¬ 
pany  continues  to  repair  the 
damage  wrought  by  its  account¬ 
ing  scandal. The  scandal,  which 
triggered  ongoing  criminal 
investigations  of  Nortel  by  Royal 
Canadian  Mounted  Police,  the 
Securities  and  Exchange 
Commission  and  the  Ontario 
Securities  Commission,  cost 
Nortel  CEO  Frank  Dunn  and  two 
other  executives  their  jobs  in 
April.  Nortel  will  seek  to  recoup 
$10  million  in  bonuses  from  the 
10  terminated  executives, 
Owens  says. 

In  addition  to  its  reinvigorated 
efforts  on  the  enterprise  market, 
Nortel  —  like  its  rival  Lucent  —  is 
investigating  opportunities  in  the 
professional  services  business.  ■ 


Compuware 
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THE  POWERTO  Monitor,  Anticipate,  Resolve 

Monitor  application  performance  from  every  angle — from  the  end-user  perspective  and  back  through 
the  network,  to  the  server  and  database  tiers — with  Compuware  Vantage.  Anticipate  application 
bottlenecks  before  they  impact  business  processes.  End  the  fingerpointing  between  network,  server 
and  development  teams  and  bring  a 


new  balance  to  problem  resolution. 
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'&?  SP2  deployment  is  smooth  —  so  far 


Service  Pack  evaluation 

With  Windows  XP  Service  Pack  2  out  now  for  a  week,  users  report  they  are  seeing  fewer 
problems  than  expected.  The  two  most  prevalent  issues  require  a  hotfix  or  a  firewall 
configuration  change  to  correct. 


Issue: 


Solution: 


Access  to  Microsoft  issued  a  pre-SP3  hotfix  that  corrects 

multiple  local-host  the  problem  that  affects  mostly  SSL  VPN 
addresses  blocked  software. 


Windows  Firewall 
on  by  default 


Microsoft  released  a  list  of  some  250  applications 
that  might  behave  differently,  such  as  showing 
an  extra  dialogue  box,  and  a  shorter  list  of  some 
40  applications  that  require  firewall  configuration 
changes  before  they  will  function  correctly. 


SI  BY  JOHN  FONTANA 

As  Microsoft  smooths  out  the 
ripples  after  last  week’s  big  splash 
with  Windows  XP  Service  Pack  2, 
users  say  they  found  fewer  prob¬ 
lems  than  they  expected,  but 
some  complain  that  late  code 
changes  and  lingering  compati¬ 
bility  issues  will  serve  to  refuel 
testing  efforts  and  further  delay 
full-scale  deployments. 

The  biggest  deployment  issues 
last  week  involved  tweaking  the 
Windows  Firewall,  which  is  turned 
on  by  default,  to  open  ports  or 
configure  exceptions  to  ensure 
applications  such  as  anti-virus 
and  management  work  correctly 

Microsoft  also  issued  a  hot  fix 
to  correct  an  IP  addressing  bug 
that  was  crippling  VPN  software 
and  another  that  will  make  it 
possible  to  edit  new  XP  SP2 
Group  Policy  Objects  from  older 


Windows  platforms. 

The  company  also  fixed  a  bug 
that  prevented  users  with  Soft¬ 
ware  Update  Services,  which  lets 
corporations  centrally  manage 
patch  deployments  from  inside 
their  firewalls,  from  controlling 
the  installation  of  XP  SP2. 

“We  have  seen  fewer  problems 
than  expected  and  not  anything 
major,”  says  Russ  Cooper,  modera¬ 
tor  of  the  NT  BugTraq  Web  site 
and  senior  scientist  for 
TruSecure,  which  develops  secu¬ 
rity  and  risk  management  prod¬ 
ucts  and  services.  He  says  prelim¬ 
inary  results  of  his  online  survey 
of  more  than  600  people  show 
43%  of  users  plan  to  deploy  the 
software  in  the  next  30  days  or 
less  and  25%  in  the  next  three 
months,  while  14%  were  unde¬ 
cided  on  when  to  deploy 

Some  users,  however,  discov¬ 
ered  compatibility  problems  with 


applications  they  already  had 
tested  and  blamed  last-minute 
changes  Microsoft  made  to  the 
XP  SP2  code. 

“If  I  am  upset  about  anything  it 
is  the  fact  that  Microsoft  did  make 


what  I  consider  to  be  significant 
last-minute  [code]  changes  in  the 
final  days  and  weeks  without  pro¬ 
viding  even  those  with  extraordi¬ 
nary  access  [to  source  code]  the 
ability  to  test  their  applications,” 
says  Jeff  Altman,  president  of 
Secure  Endpoints,  a  consulting 
firm  in  New  York. 

Barry  Goffe,  group  product  man¬ 
ager  for  Windows  product  market¬ 
ing, says  “a  fair  number  of  changes 
were  made  between  the  release 
candidate  and  final  code,”  but 
adds  that  this  is  normal  procedure 
for  all  software  development. 

Others  found  severe  incompati¬ 
bility  problems  with  homegrown 
applications  and  some  say  the  XP 
SP2  code  is  not  ready  for  enter¬ 
prise  deployments. 

“It’s  sloppy  code,”  says  Ian 
Hayes,  a  security  manager  for  a 
major  government  contractor  he 
asked  not  be  named.“This  service 
pack  may  be  more  suitable  for  XP 
Home  users  but  not  for  people 
who  use  power  apps  or  security 
tools  that  run  XP  Pro.” 

Hayes  says  he  found  that  SP2 
erased  restore  points  used  to  roll 
back  to  a  stable  operating  sys¬ 
tem  configuration,  forcing  the 
rebuilding  of  some  desktops.“It’s 
going  to  be  a  long  slow  evalua¬ 
tion,”  he  says. 

A  German  research  firm  report¬ 
ed  it  found  two  bugs,  but  Micro¬ 
soft  officials  refused  to  comment 
on  what  it  labeled  “unsubstan¬ 
tiated  issues.” 

But  with  nearly  300  applications 
already  affected  by  XP  SP2,some 
large  corporate  customers  aren’t 
exiting  the  test  phase. 

“We  have  decided  not  to  do  SP2 
at  this  point,”  says  Richard 
Mickool,  executive  director  of  in¬ 
formation  services  at  North¬ 
eastern  University  in  Boston. 
“We’re  just  not  sure  of  what  appli- 


How  to  get  help: 

Users  need  to  call  Microsoft 
Professional  Support  Services. 


Check  with  the  specific  vendor  or 
look  at  a  list  on  Microsoft's  Web 
site.  See  www.nwfusion.com, 
DocFinder3449. 


cations  and  how  many  it  will 
break.  Until  we  know  what  and 
how,  we  want  to  work  carefully 
around  that.” 

Others  also  say  they  are  allow¬ 
ing  for  prudent  evaluation  peri¬ 
ods,  but  say  problems  they  are 
finding  with  broken  applications 
is  the  price  for  converting  to  a 
more  secure  operating  system. 

Joe  Doyle,  network  engineer  for 
Promega  in  Madison, Wis., is  at  the 
start  of  his  final  three  weeks  of 
testing. “Knowing  that  changes  to 
the  [operating  system]  will  help 
mitigate  new  worms  and  viruses 
and  protect  our  users,  sometimes 
from  themselves,  lets  us  as  sys¬ 
tems  administrators  sleep  better 
at  night.” 

“With  the  firewall  turned  on  by 
default  that  means  a  whole  class 
of  attacks  on  Windows  will  no 
longer  succeed.  And  hooray  for 
that!”  says  Mark  Rockman,  pro¬ 
grammer  and  systems  administra¬ 
tor  for  Alphagenics  in  Rockville, 
Md.,  who  already  has  rolled  out 
XP  SP2  on  his  small  network  with¬ 
out  incident. 

But  others  had  enough  inci¬ 
dents  to  know  that  XP  SP2  won’t 
make  it  out  of  their  test  labs  for 
some  time. 

“We  have  a  lot  of  homegrown 
applications  that  did  not  work 
well  with  SP2.It  will  be  six  months 
before  we  roll  it  out,”  says  Chip 
Logan,  IS  manager  for  Alvey 
Systems,  which  manufactures 
material  handling  equipment, 
with  U.S.  headquarters  in  Dan¬ 
ville,  Ky 

In  the  end,  users  say  XP  SP2’s 
greatest  feature  might  be  that 
Microsoft  is  starting  to  under¬ 
stand  security 

Network  World  Senior  Editors 
John  Cox,  Tim  Greene  and  Ellen 
Messmer  contributed  to  this  story. 


Compellent  unveils  low-end  SAN 


■  BY  DENI  CONNOR 

Compellent  this  week  is  expected  to  unveil  a  prod¬ 
uct  for  small  and  midsize  business  storage-area  net¬ 
work  users. 

Storage  Center  QuickStart  is  designed  for  users 
migrating  from  direct-attached  storage  (DAS)  to  a 
system  that  is  more  easily  manageable  and  fault-tol¬ 
erant.  Consisting  of  a  switch  and  storage  array  that 
uses  Fibre  Channel,  Serial  Advanced  Technology 
Attachment,  Serial  Attached  SCSI  or  SCSI  drives, 
Storage  Center  QuickStart  features  a  modular  archi¬ 
tecture  that  can  grow  from  IT  to  more  than  100T 
bytes  and  attach  to  Fibre  Channel  or  iSCSI  networks. 

Jason  Glauch,  network  operations  supervisor  for 
Kyocera  America  in  San  Diego,  considered  HP’s 
Enterprise  Virtual  Array  Xiotech’s  Magnitude  3D  and 
Compellent’s  Storage  Center  when  looking  to 
deploy  his  first  SAN.  He  wanted  to  consolidate  the 
direct-attached  storage  on  his  NetWare  5.1  and  6.5 
servers  and  save  money  in  the  process. 

“Right  now  we  have  two  NetWare  servers  that 
have  200G  bytes  of  direct- 
attached  storage,”  Glauch  says. 

“With  Compellent’s  Storage 
Center,  we’re  not  going  to  need 
those  two  servers  anymore. 

Instead  of  buying  a  server  with 
internal  drives,  we  can  get  away 
with  a  less-expensive  server  and 
save  $16,000  per  server.  We’ve 
saved  about  $60,000  so  far.” 

Storage  Center  QuickStart  ships 
with  virtualization  software  and 
snapshot  back-up  capability.  It 
includes  the  ability  to  expand  stor¬ 
age  volumes  without  taking  the 
array  down  and  boot  servers  from 
a  SAN  using  pre-configured  images 


of  server  operating  systems  and  applications. 

Glauch  also  saved  money  by  not  having  to 
license  server  software  separately,  as  he  would 
have  had  to  do  with  HP’s  or  EMC’s  low-end  SAN 
packages. 

“With  Compellent,  we  don’t  have  a  license  fee  per 
server  that  we  attach  to  the  SAN,”  he  says.“If  we  had 
tried  to  do  it  with  the  HP  EVA  3000,  we  would  have 
had  to  pay  $2,000  per  server  to  attach  it  to  the  SAN. 
In  addition, I  couldn’t  boot  my  NetWare  servers  from 
the  SAN.” 

HP  has  Secure  Path  software,  which  lets  Windows 
servers  boot  from  a  SAN,  but  not  remote  boot  soft¬ 
ware  that  supports  NetWare. 

Storage  Center  QuickStart  also  only  uses  disk 
space  when  data  is  written.  Glauch  says  this  will  let 
him  allocate  more  storage  to  a  server  than  the 
amount  of  physical  storage  available  on  the  array 
thus  maximizing  storage  utilization. 

The  market  for  low-end, easy-to-install  SANs  is  grow¬ 
ing.  Qlogic  has  its  2G-byte  SAN  Connectivity  Kit, 
which  consists  of  a  Fibre  Channel  switch,  four  host 
bus  adapters,  cabling  and  SAN 
management  software.  HP  recently 
announced  StorageWorks  EVA 
3000  Starter  Kit,  which  includes  IT 
byte  of  Fibre  Channel  storage,  man¬ 
agement  software  and  two  Secure 
Path  host  licenses  for  $42,000. 

According  to  research  firm  Ac¬ 
cess  Markets  International 
Partners,  small  and  midsize  busi¬ 
nesses  spent  almost  $2.8  billion  on 
networked  storage  in  2003.  That 
number  will  increase  to  almost  $20 
billion  by  2006,  the  firm  says. 

The  Compellent  Storage  Center 
QuickStart  starts  at  between 
$20,000  and  $30,000.  ■ 


More  online! 


Learn  the  steps  in  prioritizing  and 
managing  your  enterprise-wide  data  in 
Network  World's  IT  Briefing  Webcast. 
You'll  get  expert  insight  from  Senior  Editor 
Deni  Connor. 
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Q  west 


LET  QWEST  iQ  NETWORKING  TRANSFORM  YOUR  NETWORK 
INTO  ONE  WELL-OILED,  SMOOTH-RUNNING  MACHINE. 


Some  say,  “No  way.”  We  say,  “Bring  it  on.”  Qwest  iQ  Networking  ”  makes  disparate  transport  technologies  act 
like  a  single,  state-of-the-art  network.  Now  your  ATM,  frame,  private-line  and  IP-based  networks  can  all  work 
together  as  one  seamless  entity.  Better  security,  more  robust  hosting  capabilities  and  more  diverse 
solutions  are  at  your  beck  and  call  with  our  converged,  intelligent  OC-192  MPLS-based  network.  Which  means 
you’ll  also  get  more  out  of  the  applications  you’ve  already  invested  so  much  time,  money  and  energy  in.  And 
you’ll  be  able  to  adapt  more  readily  and  proficiently  with  new  technologies  like  VoIP.  So  give  us  a  call  when 
you’re  ready  to  advance  your  network  to  a  new  level  of  converged  harmony.  We’re  waiting  in  the  wings  with 
the  tools  to  make  it  happen. 


1  800-506-0663  or  visit  qwest.com/networksolutions 


Qwest 

Spirit  of  Service™ 

VOICE  SOLUTIONS  DATA  SOLUTIONS  INTERNET  SOLUTIONS  MANAGED  S  0  L  U  T  I  ON  S 


Qwest  iQ  Networking:  Qwest  iQ  Networking  is  a  suite  of  WAN  Services  with  domestic  and  international  availability,  depending  on  services  selected.  Recurring  fees  vary,  depending 
on  services  ordered.  Additional  equipment  may  be  required.  All  trademarks  are  the  property  of  Qwest  Communications  International  Inc.  ©2004  Qwest.  All  rights  reserved. 
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Vendors  automate 
content  management 

FileNet,  Interwoven,  EMC  ready  new  products. 


S  BY  ANN  BEDNARZ 

Two  content  management  vendors  will  broaden  their  product  port¬ 
folios  in  the  coming  weeks  to  make  it  easier  for  customers  to  auto¬ 
mate  the  error-prone  job  of  archiving  business  documents. 

FileNet  and  Interwoven  are  adding  records  management  technol¬ 
ogy  to  their  suites.  The  new  tools  are  aimed  at  helping  companies 
manage  the  records-related  demands  of  legislation  such  as  the 
Sarbanes-Oxley  Act  and  Health  Insurance  Portability  and 
Accountability  Act. 

FileNet  built  its  records  management  module  from  scratch,  while 
Interwoven  paid  $2  million  to  acquire  technology  from  Software 

Intelligence. 


Record  gaps 

The  job  of  records 
management  is  not 
getting  done,  according 
to  a  survey  of  2,200 
records  managers 
conducted  by  Cohasset 
Associates. 

41%  of  respondents  rate 
their  existing  records 
management  program  as 
marginal  or  fair. 


38%  don’t  regularly  adhere 
to  retention  schedules. 


59%  don't  have  a  formal 

e-mail  retention  policy. 

33%  are  not  confident  their 
company,  if  legally  challenged, 
could  demonstrate  that  its 
electronic  records  were 
accurate,  reliable  and 
trustworthy. 


Traditional  content  manage¬ 
ment  technology  is  focused  on 
the  early  life  of  a  document  — 
content  creation,  editing  and 
access  —  says  Robert  Williams, 
president  of  consultancy  Cohasset 
Associates.  Records  management, 
meanwhile,  is  focused  on  the  lat¬ 
ter  part  of  the  content  life  cycle, 
such  as  document  retention  (for 
purposes  of  auditing  or  discovery) 
and  document  disposal. 

Combining  the  two  disciplines 
makes  sense,  Williams  says.  For  IT 
users,  the  opportunity  to  get  more 
features  from  fewer  content-relat¬ 
ed  software  providers  is  a  plus. 

Products  such  as  the  new  File- 
Net  Records  Manager  also  can 
reduce  the  likelihood  of  record¬ 
keeping  mistakes  by  automatical¬ 
ly  enforcing  policies.  Instead  of 
putting  the  onus  on  people  to  fol¬ 
low  records  management  poli¬ 
cies  and  retention  schedules,  the 
software  can  make  sure  all 
records  related  to  a  specific  busi¬ 
ness  process  or  project  are  auto¬ 
matically  declared,  properly  classified  and  retained,  Williams  says. 

According  to  Williams’  firm,  companies  can  use  all  the  help  they 
can  get.  A  recent  Cohasset  Associates  survey  found  U.S.  companies 
aren't  vigilant  about  handling  business  records,  particularly  electron¬ 
ic  documents  such  as  e-mail  and  instant  messages.  Among  2,200 
records  managers,  47%  said  their  company  doesn’t  include  electron¬ 
ic  records  in  its  retention  and  destruction  schedules,  and  59%  don’t 
have  a  formal  e-mail  retention  policy. 

Meanwhile,  EMC’s  Documentum  division  has  set  its  sights  on  easing 
another  content-related  pain:  information  retrieval. 

According  to  research  from  Delphi  Group,  users  spend  at  least  two 
hours  each  day  using  computers  to  search  for  work-related  informa- 
tion.To  make  that  chore  easier,  EMC  this  week  is  expected  to  unveil  a 
tool  for  integrating  and  searching  multiple  content  sources  from  a 
single  interface. 

The  vendor’s  Enterprise  Content  Integration  Services  software  lets 
users  integrate  heterogeneous  content  from  sources  such  as  busi¬ 
ness  applications,  databases,  Web  search  engines  and  syndicated 
content  providers.  It’s  built  on  technology  EMC’s  Documentum  divi¬ 
sion  gained  through  its  March  purchase  of  Xerox’s  askOnce  bus¬ 
iness  unit. 

EMC’s  Enterprise  Content  Integration  Services  and  FileNet’s 
Records  Manager  are  available  now;  enterprise  pricing  for  each  prod¬ 
ucts  starts  at  about  $100,000.  Interwoven  Records  Manager  is  slated  to 
be  available  by  the  end  of  the  quarter.  ■ 
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Anti-virus  vendors  adding 
spyware  to  target  list 


■  BY  ELLEN  MESSMER 

Businesses  that  use  anti-virus 
software  to  protect  employee 
desktops  now  say  they  also  want 
to  eradicate  spyware,  a  demand 
that’s  prompting  anti-virus  ven¬ 
dors  to  plunge  into  spyware’s 
murky  waters. 

For  example,  Computer  Assoc¬ 
iates,  which  sells  anti-virus  soft¬ 
ware  under  its  eTrust  security  pro¬ 
duct  line,  last  week  bought  anti¬ 
spyware  software  vendor  Pest- 
Patrol  for  an  undisclosed  sum. 

McAfee  this  week  plans  to 
make  available  VirusScan  Enter¬ 


Anne’s,  based  in  Gap,  Pa.  This 
probably  would  hold  down  costs. 
But  so  far, anti-virus  vendors  don’t 
appear  to  have  comprehensive 
spyware  protection. 

CA  has  no  immediate  plans  to 
blend  its  eTrust  anti-virus  and  the 
PestPatrol  anti-spyware  software. 
But  by  year-end  the  company  will 
adapt  PestPatrol  to  work  with  its 
eTrust  management  consoles  to 
unify  the  anti-virus  and  anti-spy¬ 
ware  software  deployment  and 
reporting,  says  Sam  Curry  vice 
president  of  eTrust  Security 
Management.  “We’ll  have  a  com¬ 
mon  update  engine  for  both.” 


foot  in  the  water” 

Anti-virus  experts  have  started 
analyzing  spyware  in  one  of  the 
most  influential  industry  groups: 
the  Computer  Anti-Virus  Research 
Organization.  The  group  has 
found  quite  a  bit  of  adware  that’s 
been  abandoned  in  desktop  mac¬ 
hines,  trying  to  relay  information 
to  Web  sites  that  no  longer  exist. 

“We  look  to  try  to  find  an  end- 
user  licensing  agreement  associ¬ 
ated  with  it  and  maybe  the  Web 
site  used  to  exist  and  it  was  once 
adware,  but  now  it’s  just  a  Trojan,” 
says  Craig  Schmugar,  research 
manager  at  McAfee  Avert  Labs.  In 


Organizations  with  an  eye  on  spyware 

Anti-virus  and  spyware:  Worlds  apart  or  coming  together? 


Name 

Makeup 

Purpose 

Computer  Anti-virus 
Research  Organization 
(CARO) 

Anti-virus  experts 

Analyze  malicious  code,  determine  common  naming 
conventions.  Increasingly  focused  on  spyware/adware 
problems. 

Anti-Virus  Emergency 
Discussion  Group 
(AVED) 

Cross-industry  group 

Organized  for  first  response  to  new  malicious  code 
threats  by  sharing  specimens.  Spyware/adware 
seldom  a  key  topic. 

Consortium  of  Anti- 
Spyware  Technology 
Vendors  (COAST) 

Founded  by  PestPatrol, 
Aluria  Software  and 
Webroot  Software. 

Has  sought  to  define  spyware,  especially  as  used  for 
marketing  purposes,  and  to  offer  industry  view  on 
social  issues.  Doesn't  do  technical  analysis. 

prise  8.0i,  the  first  edition  of  its 
anti-virus  software  designed  to 
wipe  out  200  types  of  spyware  in 
addition  to  protecting  against 
worms.  Other  anti-virus  vendors, 
including  F-Secure,  Trend  Micro 
and  Symantec,  also  are  taking  on 
spyware,  said  to  include  every¬ 
thing  from  adware  to  malware¬ 
like  Trojans  and  keyloggers. 

Whatever  you  call  it,  the  thou¬ 
sands  of  incarnations  of  adware 
and  spyware  are  raising  security 
and  privacy  concerns  and  dis¬ 
rupting  desktop  machines. 

“We  are  having  to  re-image 
about  20  desktops  per  week 
because  they  become  non-func- 
tional  from  spyware,”  says  Satish 
Ajnani,  CIO  for  Santa  Clara 
county  which  supports  a  network 
of  13,000  desktops. 

IT  managers  are  glad  that  anti¬ 
virus  vendors  say  they’re  ready  to 
fight  spyware.  But  many  question 
how  far  anti-virus  companies  will 
get  in  their  anti-spyware  crusade. 

To  find  both  spyware  and  virus 
protection  in  one  software  pack¬ 
age  “would  be  nice,”  says  Ted 
Downs,  network  operations  man¬ 
ager  at  retail  food  chain  Auntie 


One  problem  in  adding  com¬ 
prehensive  anti-spyware  protec¬ 
tion  into  anti-virus  is  that  the  soft¬ 
ware  file  size  would  bloat,  says 
John  Bedrick, group  product  mar¬ 
keting  manager  at  McAfee. 

“If  we  did  everything  Spybot  or 
PestPatrol  does,  that  would  be 
about  8  megabytes,”  he  notes.That 
would  mean  doubling  VirusScan, 
which  is  about  10  megabytes. 

“We’re  not  claiming  to  be  a 
replacement  for  anti-spyware,” 
Bedrick  says. 

However,  McAfee  this  fall  likely 
will  broaden  its  spyware  scope 
although  it’s  not  clear  whether 
this  would  end  up  in  VirusScan  or 
as  a  separate  product. 

F-Secure  also  is  mulling  a  spy- 
ware  defense.  According  to  Mikko 
Hypponen,  F-Secure’s  research 
director,  the  company  plans  to 
introduce  anti-adware  capability 
this  fall. 

Symantec  in  April  added  lim¬ 
ited  anti-spyware  protection  to  its 
corporate  anti-virus  software,  as  a 
separate  scanning  engine  for 
what  it  calls  “expanded  threats,” 
says  Gary  Ulaner,  Symantec  group 
product  manager. “We’ve  put  our 


contrast,  another  industry  group, 
the  Anti-Virus  Emergency  Dis¬ 
cussion  Group,  seldom  focuses 
on  adware  in  its  mission  to  spot 
emerging  threats. 

As  yet,  no  anti-spyware  groups 
perform  technical  analysis  on  an 
industry  basis  comparable  to  that 
done  in  the  anti-virus  industry 
The  Consortium  for  Anti-Spyware 
Technology  Vendors  (COAST) 
has  sought  to  •address  social  and 
legal  questions  but  probably  has¬ 
n’t  tackled  technical  issues  as 
much  as  it  should, says  David  Mill, 
CEO  of  one  of  its  founding  mem¬ 
bers,  Webroot  Software. 

COAST,  which  argues  spyware 
is  acceptable  if  based  on  a  user’s 
informed  consent,  has  struggled 
with  inner  turmoil  as  one  of  its 
founding  members,  Lavasoft, 
which  wanted  to  take  a  harder 
anti-spyware  line, quit  the  organi¬ 
zation  earlier  this  year.B 
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EMC  CLARiiON®  CHANGES  THE  WAY  YOU  THINK  ABOUT  STORAGE.  Your  information  and  applications 
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Sportvision's  on-screen  graphics  let  viewers  at  home  see  how  fast  their 
favorite  driver  is  going  and  how  hard  his  car’s  engine  is  working. 


NASCAR 

continued  from  page  1 

car  was  traveling  at  precisely  67 
mph  when  it  hit  the  wall  rear- 
end  first  on  lap  21 1. Viewers  at 
home  had  all  this  information 
and  more  courtesy  of  the  on¬ 
screen  graphics  that  were  part  of 
the  TNT  live  coverage  of  the 
Siemens  300  race. 

Calculating  and  displaying  real¬ 
time  information  such  as  speed 
takes  more  than  a  well-aimed 
radar  gun  and  some  quick 
hands  on  a  keyboard.“It’s  the 
most  complicated  graphic  to 
produce  in  television,” says  Bob 
Hess,  track  engineer  for  Sport- 
vision,  the  Chicago  technology 
company  NASCAR  contracts 
with  to  produce  the  real-time 
data  and  associated  graphics  for 
the  television  broadcasts. 

In  the  TV  compound  that  sat 
just  outside  the  grandstand 
behind  Turn  3  at  the  New 
Hampshire  course,  Hess  and  his 


team  of  a  half-dozen  engineers 
sat  in  one  of  the  13  TV  trucks  on 
site  to  produce  the  race.  Sport- 
vision’s  truck  is  dedicated  to 
receiving,  compiling  and  distrib¬ 
uting  telemetry  and  position  data 
from  each  car  in  the  race  and 
pushing  it  out  to  regular  TV,  pay- 
per-view,  the  Web  and  Nextel  cel¬ 
lular  phones. 

Each  car  is  equipped  with  a 
GPS  receiver  embedded  in  the 
roof  and  a  Data  Acquisition  and 
Positioning  System  (DAPS)  black 
box  mounted  near  the  rear  win¬ 
dow  that  collects  braking,  throt¬ 
tle  position  and  rpm  informa¬ 
tion.  Using  a  900-MHz  transmitter, 
the  DAPS  and  GPS  information  is 
radioed  to  one  of  the  three  or 
four  base  stations  positioned 
around  the  track.  Multiple  base 
stations  are  used  for  redundancy 
purposes,  as  objects  in  and 
around  the  track  could  block  the 
signal.The  telemetry  data  and 
GPS  data  is  collected  five  times 
per  second. To  get  from  the  base 


station  to  the  truck,  Sportvision 
taps  into  fiber  cable  connecting 
the  camera  positions  around  the 
track  or  a  DSL  modem  con¬ 
nected  to  Category  3  cabling. 

Cat  3?  “It’s  cheaper  [than  Cat  5] 
and  it  works,” says  Ken  Milnes, 
senior  vice  president  of  engi¬ 


neering  at  Sportvision. 

Inside  the  truck,  the  communi¬ 
cations  controller  (known  as  CC) 
aggregates  all  the  data,  including 
the  official  timing  information 
from  NASCAR,  which  is  provided 
via  an  RS-232  serial  interface.“CC 
organizes  the  data  in  a  way  that’s 
useful  for  the  other  applications 
we  run,”  Milnes  says,  adding  that  a 
proprietary  format  is  used  to 
store  the  data. 

A  Cisco  Catalyst  switch  con¬ 
nects  Windows  XP  and  Linux 
machines  used  to  produce 
graphics.  Coaxial  cable  feeds  the 
graphics  data  to  the  other  pro¬ 
duction  trucks  for  the  TV  broad¬ 
cast.  A  machine  called  T-Sync 
helps  synchronize  the  time 
codes  from  the  video  feed  with 
the  GPS  time  data. 

Another  challenge  is  to  match 
the  data  with  the  car  on  screen 
as  it  traverses  the  1 .058-mile  oval 
in  roughly  30  seconds  and  is 
viewed  from  myriad  camera 
positions.“As  the  camera  is  pan¬ 
ning,  tilting  and  zooming,  we 
need  to  know  what  the  camera 
is  representing  and  where  the 
car  would  be  in  the  picture,” 
Milnes  says. 

Sportvision  also  creates  the 
K-Zone  for  ESPN  baseball  cover¬ 
age  and  the  yellow  first-down 
line  used  in  football  broadcasts. 
Those  are  a  bit  easier,  given  a 
baseball  diamond  and  football 
field  are  relatively  uniform  in 
dimension  from  park  to  park.  For 
racing,  where  all  the  tracks  are 
different,  three-dimensional  topo¬ 
graphical  maps  of  all  23  tracks  in 
the  NASCAR  Nextel  Cup  Series 
have  been  created  from  aerial 
surveys  of  the  properties,  and 
each  camera  has  a  GPS  unit  that 
tells  the  truck  exactly  where  it’s 
located. This  lets  Sportvision’s 
computers  know  where  the  car 
is  within  10  centimeters.  It  also 
lets  TV  viewers  see  cartoon-like 
thought  bubbles  follow  cars 


Proofpoint  uses  anti-spam 
product  to  find  inside  leaks 


■  BY  CARA  GARRETSON 

Anti-spam  vendor  Proofpoint  wants  to  take  what  it 
knows  about  keeping  spam  out  of  an  organization 
and  apply  it  to  helping  companies  keep  trade 
secrets,  intellectual  property  and  other  sensitive 
information  inside  the  corporate  network. 

Within  six  months,  the  company  plans  to  release 
software  that  uses  the  same  base  technology  as 
Proofpoint’s  Protection  Server  anti-spam  product  to 
filter  outgoing  e-mail  for  information  leaks,  says  com¬ 
pany  CEO  Gary  Steele.  Proofpoint  sees  a  large  market 
for  such  software;  a  June  study  by  Forrester  Research, 
which  Proofpoint  commissioned, showed  43%  of  the 
140  corporations  surveyed  employ  staff  to  monitor 
outbound  e-mail  by  reading  its  contents.  The  No.  1 
concern  of  these  companies  is  making  sure  confi¬ 
dential  information  and  intellectual  property  is  not 
dispersed.  Compliance  with  regulations  such  as  the 
Sarbanes-Oxley  Act  and  Health  Insurance  Portability 
and  Accountability  Act  are  also  concerns. 

Proofpoint  this  week  will  release  a  gateway  appli¬ 
ance,  designed  to  protect  large  organizations  from 
spam,  and  an  upgrade  to  its  spam-fighting  software. 

Proofpoint’s  PI 000  appliance,  which  is  designed 
for  organizations  with  25,000  users  or  more,  can  scan 
up  to  4  million  e-mails  per  day  and  offers  300G  bytes 
of  storage  space  —  enough  to  quarantine  50  million 
unwanted  messages,  Steele  says. The  P1000  can  be 
used  by  itself  or  with  Proofpoint’s  smaller  appliances 
in  a  “master-agent”  configuration  where  all  adminis¬ 
tration,  reporting  and  access  to  quarantine  folders 
happens  centrally  on  the  PI 000, Steele  says. 

Given  the  different  ways  customers  can  deploy  the 
PI 000,  Proofpoint  says  its  appliance  is  more  flexible 
and  cost-effective  than  competing  offerings  from 
IronFbrt  and  CipherTrust. 


The  company  also  is  releasing  Version  2.5  of  its 
Proofpoint  Protection  Server,  available  as  gateway 
software  or  as  part  of  the  company’s  appliances. 
This  release  focuses  on  making  the  software  easier 
to  use,  as  opposed  to  implementing  new  spam¬ 
fighting  tactics.  The  company  sends  customers 
weekly  software  updates  of  the  latest  spammer 
tricks,  he  adds. 

Proofpoint  Protection  Server  2.5  lets  administra¬ 
tors  apply  e-mail  policies  to  groups, as  well  as  to  indi¬ 
viduals,  Steele  says.  It  also  features  improved  report¬ 
ing  capabilities,  adding  information  about  the  level 
of  end  users’  virus  protection  and  their  firewall  activ¬ 
ities.  With  2.5,  administrators  can  more  easily  search 
for  messages  and  track  a  message’s  path  through  the 
anti-spam  filter,  he  says. 

Virginia’s  Prince  William  County  schools  plans  to 
upgrade  its  Proofpoint  appliances  to  Version  2.5, says 
Jim  Hite,  supervisor  of  network  services  and  central 
operations.  The  software  “takes  the  intervention  out, 
we  can  let  our  users  make  their  own  assessment 
about  what  is  spam  or  not,"  Hite  says.“We  have  a  very 
small  staff,  one  email  administrator  and  one  secur¬ 
ity  administrator, so  we  have  to  do  things  smart.” 

Proofpoint’s  Protection  Server  features  the  com¬ 
pany’s  MLX  technology,  a  machinelearning  system 
that  “teaches”  the  software  to  identify  spam  based  on 
several  attributes.  These  attributes  include  telltale 
signs  in  an  unwanted  email’s  IP  address,  message 
headers,  structure,  content  and  phrasing.  For  exam¬ 
ple, spammers  often  embed  an  abundance  of  HTML 
code  in  a  message’s  text  —  Proofpoint’s  Protection 
Server  automatically  will  detect  its  presence  and 
flag  the  message  as  potential  spam. 

The  PI 000  appliance  starts  at  $25,000,  not  includ¬ 
ing  software.  Proofpoint  Protection  Server  2.5  is 
priced  between  $2  and  $20  per  user  per  year.H 


around  the  track  that  show  real¬ 
time  speed  and  the  “dot  racing” 
graphic  that  shows  how  far  a  car 
is  behind  the  leader  on  a  graphi¬ 
cal  representation  of  the  track. 

Sportvision  also  pushes  the 
data  out  in  a  compact  data  for¬ 
mat  over  aT-1  (with  a  back-up 
dial-up  connection)  to  Turner 
Sports  in  New  York,  producers  of 
the  nascar.com  site.  Subscribers 
to  the  TrackPass  service  get  a 
Java  applet  that  shows  the  same 
data  real-time  telemetry  informa¬ 
tion  via  the  Internet.  Pit  Com¬ 
mand,  a  graphical  representation 
of  the  track  and  car  positions, 
also  is  available  on  Nextel 
phones. 

Ironically  all  but  the  official  tim¬ 
ing  and  GPS  information  is  avail¬ 
able  during  an  event  to  the  race 
teams,  as  NASCAR  prohibits  them 
from  using  real-time  telemetry 
data,  all  in  the  name  of  parity 
and  competition. 

Of  course,  the  setup  happens 
for  36  races  almost  every  week¬ 
end  over  the  course  of  the  10- 
month  NASCAR  season.  Each 
track  presents  its  own  set  of  chal¬ 
lenges  for  the  crew.  Although 
Williams  Communications  pro¬ 
vides  T-l  connectivity  to  the 
truck  at  each  track  using  the 
same  IP  address  (no  need  to  re¬ 
configure  the  on-board  router), 
sometimes  the  local  telco  pro¬ 
vider  puts  the  physical  line  in 
the  wrong  place,  which  hap¬ 
pened  at  the  New  Hampshire 
International  Speedway  this  last 
time  around.  At  Talledega  Super¬ 
speedway  in  Alabama,  one  of  the 
setup  crew  got  lost  for  2  hours  in 
the  sewer  system  while  trying  to 
run  a  cable  under  the  track  to 
the  infield. 

With  the  data  Sportvision  pro¬ 
vides,  racing  fans  watching  on 
TV  or  the  Internet  get  a  feel  for 
how  close  these  guys  are  when 
hurling  around  the  track.  On  lap 
49,  there  was  a  3.26-second  dif¬ 
ference  between  the  first-and 
fifth-place  cars,  and  there  were 
three  cars  between  them.  So 
much  for  the  2-second  rule  you 
learned  in  drivers  ed.B 
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once  it  authenticates. 

“The  big  priority  is  security.  It 
kind  of  drowns  out  everything 
else,” says  Brad  Noblet,  director  of 
technical  services  at  Dartmouth 
College  in  Hanover,  N.H.“We  con¬ 
tinue  to  get  pounded  by  viruses, 
and  it  eats  up  an  awful  lot  of  man¬ 
power,  as  well  as  disrupting  peo¬ 
ple’s  lives.” 

The  worm  attacks  of  fall  2003 
coincided  with  a  new  strategic 
planning  effort  unfolding  at  Ohio 
State  University  (OSU)  to  make 
security  a  priority  “We’re  paying 
vastly  increased  attention  to  secu¬ 
rity”  says  Charles  Morrow-Jones, 
director  of  security  and  enter¬ 
prise  networking  at  the  school  in 
Columbus. 

The  change  is  reflected  in  the 
chain  of  command:  Security  used 
to  be  part  of  the  enterprise  net¬ 
works  group,  but  now  Morrow- 
Jones  reports  directly  to  the  CIO. 

Other  changes  include  central¬ 
ized  anti-virus  and  anti-spam  soft¬ 
ware,  instead  of  relying  on  PC 
applications.  OSU  selected  Clam 
AntiVirus,  an  open  source  pro¬ 
gram,  which  can  tie  into  e-mail 
applications;  and  Roaring 
Penguin’s  Canlt  anti-spam  soft¬ 
ware,  a  commercial  application. 
Finally  OSU  will  launch  a  half-day 
training  program  for  non-techni- 
cal  managers  in  departments 
such  as  finance  and  human  re¬ 
sources  on  how  to  secure  and 
protect  PCs  and  data. 

Changes  like  this  are  evidence 
that  security  is  being  seen  as  an 
increasingly  broad  issue,  affecting 
how,  and  whether,  services  are 
delivered  to  network  users.  McGill 
University  in  Montreal  is  deploy¬ 
ing  a  full-blown  identity  manage¬ 
ment  system  based  on  Novell’s 
Nsure  Identity  Manager,  Novell 
eDirectory  and  related  products. 

“We  have  students,  in-house 
staff,  faculty  alumni,”  says  Gary 
Bernstein,  McGill’s  director  of  net¬ 
works  and  communications  ser- 
vices.“We  have  to  keep  track  of  all 
of  them  in  terms  of  their  [net¬ 
work]  rights  and  privileges,  which 
are  often  changing.  We  want  to 
capture  this  data  and  make  it 
available  for  authorization  as  well 
as  authentication.” 

“This  is  more  than  conve¬ 
nience,”  he  says.  “This  is  becom¬ 
ing  the  foundation  for  almost  all 
network  operations  in  any 
organization.” 

Dartmouth  has  not  gone  that 
far,  but  this  fall  it  will  introduce 
Aladdin  Knowledge  Systems’ 
eToker.,  which  is  a  small  device 
that  plugs  into  a  USB  port  on  a 


PC  and  manages  a  digital  certifi¬ 
cate.  The  certificate  is  part  of  an 
open  source  public-key  infrastruc¬ 
ture  created  by  researchers  at 
Dartmouth’s  PKi  Lab  (see  www. 
nwfusion.com,  DocFinder.  3438), 
a  big  step  toward  creating  a 
secure,  single  sign-on  for  users  in¬ 
stead  of  juggling  numerous  user¬ 
name/password  combinations. 

The  eToken  will  be  handed  out 
to  students  with  their  Dartmouth 
photo  ID  cards.  Initially  the  token 
will  be  used  for  user  authentica¬ 
tion.  Eventually,  Noblet  wants  to 
upgrade  the  college’s  applications 
to  support  digital  certificates  and 
eliminate  passwords. 

Many  institutions  are  introduc¬ 
ing  specific  products  for  security 
either  creating  new  capabilities 


or  beefing  up  current  products. 

One  of  the  most  popular  is 
intrusion-prevention  systems 
(IPS),  which  watch  network  or 
application  use  to  report  on  sus¬ 
pected  attacks  or  unauthorized 
activity.  IPS  devices  can  be  con¬ 
figured  to  block  traffic  patterns 
that  are  known  or  suspected  to 
be  problematic. 

Northeastern  University  in  Bos¬ 
ton  is  deploying  TippingPoint 
Technologies’  UnityOne  IPS. 
“These  devices  sit  on  the  net,  so 
we  can  drop  [suspect]  traffic  be¬ 
fore  it  even  becomes  a  problem,” 
says  Richard  Mickool,  executive 
director  information  services. 

“You  have  to  be  careful  as  you 
put  all  your  traffic  through  these 
devices,”  Mickool  says. “You  don’t 
want  to  create  a  single  point  of 
failure, and  you  have  to  be  careful 
what  traffic  you  block.” 

Tufts  University  in  Medford, 
Mass.,  is  focusing  on  hardening 
the  edge  of  the  network  by  in¬ 


stalling  McAfee  IntruShield.There 
are  two  goals,  says  Marc  Jimenez, 
manager  of  network  engineering 
and  security:  harden  the  network 
edge  to  block  attacks  from  out¬ 
side  the  university  and  detect  in¬ 
ternal  hosts  that  have  been  taken 
over  to  launch  attacks  elsewhere. 
“This  will  give  us  another  tool  in 
locating  internal  hosts  that  have 
been  compromised,”  he  says. 

Keeping  PCs  clean  of  viruses 

New  products  and  policies  tar¬ 
get  keeping  client  PCs  clean  of 
viruses.  But  schools  this  year  are 
going  further:  They  want  to 
quickly  quarantine  these 
machines  and  keep  them  off  the 
network  until  the  PCs  are 
equipped  with  virus  definitions 


and  patches. 

“That’s  absolutely  the  direction 
we’re  going  in:  You  can’t  make 
your  computer  work  on  the  net 
until  you  get  scanned  by  us  and 
get  updated  and  also  sign  our 
acceptable-use  policy  promising 
to  be  a  good  [network]  person," 
says  Carl  Whitman,  executive  di¬ 
rector  of  e-operations  at  American 
University  in  Washington,  D.C. 

For  now,  when  American  Uni¬ 
versity  students  first  try  to  log  on, 
they’re  redirected  to  a  Web  site  to 
register  their  computers  and  get  a 
valid  IP  address. 

Dartmouth  lets  clients  power  up 
and  get  Internet  access.  But  start¬ 
ing  this  fall,  to  get  to  applications 
and  data,  users  have  to  be  authen¬ 
ticated  and  scanned  by  Sygate’s 
client/server  software. 

The  Sygate  agent  is  loaded  on  to 
each  PC,  and  the  server  code 
hooks  into  the  school’s  Norton 
anti-virus  software  and  its  authen¬ 
tication  system. 


At  each  logon,  the  Sygate  soft¬ 
ware  runs  a  set  of  checks  on  the 
PC’s  software.  If  Sygate  detects 
problems,  it  directs  users  to  a 
dedicated  Web  site,  sometimes 
called  a  captive  portal, backed  by 
a  tech  support  team.  Users  can’t 
regain  network  access  privileges 
until  they  download  patches  and 
get  help  to  fix  the  weaknesses. 

Dartmouth’s  help  desk  staff  is 
more  likely  to  reload  the  entire 
software  image  in  a  client  PC  than 
fix  a  specific  problem,  Noblet 
says.  “The  hackers  are  more  so¬ 
phisticated  than  they  used  to  be,” 
he  says.  “They  write  assembly  lan¬ 
guage  programs  that  are  hidden 
from  the  directory  and  therefore 
from  a  program  scanning  the 
directory.  We  had  some  cases 
where  we  patched  a  machine, 
thought  we  had  fixed  the  problem 
and  then  found  later  the  virus  was 
deeper  in  the  machine.” 

This  year  will  see  a  bigger  em¬ 
phasis  on  security  outreach,  edu¬ 
cation  and  evangelization.  More 
schools  will  introduce  network 
authentication  procedures  as  a 
standard  part  of  each  student’s  fall 
registration.  Summer  information 
packages  now  include  guidelines 
for  outfitting  student  PCs  with 
anti-virus  software,  and  school 
security  policies  and  best  prac¬ 
tices  to  keep  a  student’s  PC  clean 
and  safe. 

“This  year  we’re  expanding  our 
outreach  efforts  to  include  new 
avenues  such  as  online  video  pre¬ 
sentations,  as  well  as  messages 
contained  in  the  software  pack¬ 
ages  distributed  to  incoming  stu¬ 
dents, ’’Tufts’ Jimenez  says. 

American  University  is  creating 
a  series  of  posters  to  be  hung  in 
on-campus  buildings  with  warn¬ 
ings  and  tips  about  virus  protec¬ 
tion,  spam  and  copyright  issues. 

Northeastern  has  added  new 
network  security  information  to 
the  “welcome  back”  packets 
mailed  to  students.  And  this  year, 
all  residential  students  —  not  just 
the  freshman  —  get  client  anti¬ 
virus  software. 

McGill  is  adding  new  self-ser¬ 
vice  Web  applications  to  simplify 
network  requirements  for  users. 
One  is  a  new  Web  site  where  staff 
and  faculty  can  use  a  screen  to 
set  up  a  24-hour  guest  account  for 
wireless  LAN  access.  In  the  past, 
users  had  to  call  the  network  staff 
to  request  this. 

“It’s  the  same  old  enemies: 
viruses,  worms,  [peer-to-peer] 
file  transfers,”  American’s  Whit¬ 
man  says.  “But  there  are  some 
new  resources.”® 
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New  fall  curriculum:  net  security 

Some  changes  that  university  network  administrators 

have  implemented  for  the  new  academic  year: 

•  Intrusion-prevention  systems,  to  quickly  find  and  block 
suspicious  traffic. 

•  Realigning  security  functions  and  chain  of  command. 

•  Rigorous  scanning  of  PCs,  and  blocking  network  access  until 
users  have  up-to-date  software,  patches  and  virus  definitions. 

•  Directory-based  identity  management  system  for  authorizing 
access  to  services  and  authentication. 

•  For  the  first  few  weeks  of  fall  term:  early-morning  staff  meetings 
to  identify  problems,  coordinate  responses. 

•  Security  awareness  seminars  with  faculty  and  staff  on  "how 
to  secure  and  protect  your  PC  and  data.” 

•  Taming  rogue  e-mail  servers  by  registering  them;  linking  with 
central  anti-virus  filtering  software. 

•  Electronic  tokens,  or  smart  cards,  for  improved  authentication, 
stronger  password. 
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New  Microsoft  server 
tightens  integration 

■  BY  JOHN  FONTANA 


Microsoft  next  month  is  set  to  ship  the 
latest  version  of  its  integration  server  that 
helps  users  build  a  bridge  between 
Windows-based  distributed  applications 
and  IBM  mainframe  transactions. 

Host  Integration  Server  (HIS)  2004,  the 
first  upgrade  of  the  server  in  four  years,  is 
highlighted  by  tight  integration  with 
Microsoft’s  .Net  programming  model. The 
idea  is  to  give  next-generation  Windows 
developers  hooks  into  mainframe  and 
midrange  systems  such  as  AS/400. 

HIS  2004  is  designed  to  support 
Windows-based  front-end  applications 
that  can  trigger  transactions  on  the  main¬ 
frame.  In  addition,  host-initiated  applica¬ 
tions  can  retrieve  data  from  the  Windows 
platform  using  HIS  2004  as  a  gateway. 

“We  want  to  fool  the  application  so  that 
mainframe  data  looks  like  native  SQL 
Server  data,”  says  Tim  Kelly,  director  of  dis¬ 
tributed  technologies  for  Total  System 
Services  in  Columbus,  Ga.,  one  of  the 
world’s  leading  processors  of  credit  card 
transactions.  “HIS  allows  us  to  take  the 
results  of  a  [mainframe]  transaction  and 
let  a  Windows  application  retrieve  the 
data  from  a  table  that  is  populated  with 
the  transaction  results.” 

Kelly  says  the  company  has  built  a  series 
of  Web  applications  where  a  customer 
service  representative  can  click  one  but¬ 
ton  to  block  use  of  a  credit  card  and 
another  that  issues  a  new  card  when  a 
customer  reports  his  card  missing.  Both 
clicks  from  within  the  Windows  applica¬ 
tion  initiate  a  transaction  on  a  back-end 
mainframe. 

To  help  developers  build  those  types  of 
applications,  Microsoft  has  tightened  inte¬ 
gration  with  Visual  Studio,  added  new  IP 
routing  features,  and  added  single  sign-on 
capabilities  that  match  Windows  creden¬ 
tials  to  those  on  the  mainframe. 

HIS  2004  lets  users  integrate  host  appli¬ 
cations,  data  sources,  messaging  and  secu¬ 
rity  systems.  It  is  a  key  component  of 
Microsoft’s  integration  strategy,  which  also 
includes  BizTalk  Server,  and  for  the  single 
sign-on  component  of  its  identity  man¬ 
agement  road  map.  HIS  2004  competes 
with  IBM’s  line  of  WebSphere  extensions 


Correction 


■  The  story  "CoreStreet  scales  digital 
i  certificates"  (Aug.  9,  page  41)  incorrectly 

1  stated  that  the  OCSP  standard  (RFC 
2560)  required  the  use  of  nonces.  It  does 
not  make  that  requirement  and  therefore 
CoreStreet  is  in  compliance  with  the  stan¬ 
dard  in  this  regard.  CoreStreet  received 
an  overall  score  of  3.45. 
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for  integrating  mainframe  data  with  Web- 
based  applications  written  in  Java. 

“It’s  been  some  time  between  versions 
of  HIS,  but  we  think  this  new  version 
renews  our  commitment  to  this  space,” 
says  Tom  Casey  product  unit  manager  in 
the  business  process  and  integration  divi¬ 
sion  at  Microsoft. 

“There  is  no  end  in  sight  for  COBOL 
applications  running  on  the  mainframe, 
because  there  is  no  ROI  to  port  them  to  a 
modern  platform,”  says  Peter  Pawlak,  an 
analyst  with  research  firm  Directions  on 
Microsoft. 

Microsoft  is  focusing  on  deeper  integra¬ 
tion  between  HIS  2004  and  Visual  Studio 
development  tools.  The  highlight  is  the 
Transaction  Integrator  design  tool,  which 
runs  within  the  project  designer  in  Visual 
Studio  and  lets  developers  expose 
Customer  Information  Control  System 
and  Information  Management  System 
transactions  to  Windows  as  COM+  com¬ 
ponents,  .Net  packages  or  XML-based  Web 
services. 

Microsoft  also  has  added  a  feature  for 
tunneling  SNA  traffic  into  the  mainframe 
over  an  IP  network.  The  new  IP-DLC  Link 
Service  lets  PCs  connect  to  z900  main¬ 
frames  via  IP  networks. 

Also  new  is  a  managed  provider  for 
IBM’s  DB2  database,  which  lets  DB2  data 
be  published  as  Web  services  or  integrat¬ 
ed  into  Windows  forms,  such  as  those  that 
Microsoft’s  InfoPath  application  produce. 

HIS  2004  also  lets  Windows  servers  act 
as  peers  to  IBM  mainframes  and  AS/400 
computers  with  the  new  Host-Initiated 
Processing  feature.  The  new  Enterprise 
Single  Sign-On  passes  Active  Directory 
authentication  credentials  to  mainframe 
systems.  Microsoft  also  plans  to  make  an 
API  available  so  third-party  vendors  can 
build  password  synchronization  tools. 

HIS  2004,  which  is  scheduled  to  ship  Sept. 
1,  is  available  in  Standard  and  Enterprise 
editions.The  Standard  Edition  costs  $2,500 
and  includes  the  core  network,  data  and 
security  integration  technologies.  The 
Enterprise  Edition  costs  $10,000,  and  adds 
the  Transaction  Integrator  and  a  MQSeries 
and  Microsoft  Message  Queuing  bridge.* 


Get  your  FREE  book  and  learn  how  your 
company  can  manage  the  startling  growth 
in  email  volume — and  withstand  the 
massive  flood  of  spam,  viruses  and  fraud  that 
threaten  your  email  communication  system. 

To  order  your  free  copy  of 
GET  THE  MESSAGE: 

A  Business  Guide  to 
Surviving  the  Email  Security  Crisis, 
visit  www.ironport.com/book 
or  call  toll  free  866.882.8658 


I  ) IR0NP0RT 


Rebuilding  the  World’s  Email  Infrastructure 


Extreme  Networks  is  revolutionizing  the  networking  industry  with 
the  highest  performance  Layer  3  10/100/1000  fixed  configuration 
edge  switch,  with  the  industry's  first  and  only  modular  10  gigabit 
uplink  option.  The  Summit  400,  designed  for  enterprise  networks 
deploying  gigabit  to  the  desktop,  enables  customers  to  fearlessly 
deploy  Gigabit  Ethernet  to  the  edge  today,  and  have  the  added  peace 
of  mind  that  they  can  fully  performance-enable  their  wiring  closet 
infrastructure  through  future  upgrades.  How's  that  for  a  switch ? 


Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web 


www.extremenetworks.com/go/sum400.htm 


©  2004  Extreme  Networks,  Inc.  All  Rights  Reserved. 
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LAN/WAN  SWITCHES  AND  ROUTERS 
ACCESS  DEVICES  ■  SERVERS  ■  VPNS 
OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 
VOIP  ■  WIRELESS  NETWORKS 


I0S  changes  could  alter  face  of  Cisco  routers 


for  carriers  trickles  down  to  business 
customers. 

The  introduction  in  May  of  IOS-XR,  the 
software  powering  Cisco’s  CRS-1  terabit 
router, signals  a  new  direction  for  IOS,as  the 
software  will  take  on  a  more  modular  archi¬ 
tecture,  with  the  promise  to  users  of  greater 
stability  and  easier  management.  Cisco  says 
this  transition  for  enterprise  networks  will 
be  gradual,  and  observers  warn  that  new 
features  might  entail  hardware  upgrades. 

IOS-XR  is  Cisco’s  next-generation  operat¬ 
ing  system  for  its  new  flagship  CRS-1 
router,  which  scales  to  96T  bits  of  band¬ 
width  with  support  for  multiple  OC-768 
(40G  bit/sec)  SONET  interfaces.  IOS-XR  is 
based  on  a  microkernel  from  QNX  Soft¬ 
ware  Systems,  which  makes  real-time 
operating  system  software. 

IOS  currently  works  a  single  piece  of  exe¬ 
cutable  code  on  a  router;  features  and 
functions  are  added  into  unique  software 
builds,  based  on  customer  needs. The  new 
architecture  more  resembles  a  PC  or 
server,  with  an  underlying  operating  system 
that  runs  IP  services  as  separate  processes 
—  similar  to  Microsoft  Word  run¬ 
ning  on  a  Windows  PC.  Observers  | 
say  this  technique  can  make 
routers  more  resilient  and  faster. 

“We’ll  be  looking  to  bring  some  of  those 
capabilities  into  the  broader  enterprise 
market,”  says  Martin  McNealis,  senior 
director  of  IOS  product  management  at 
Cisco.  However,  what  ends  up  in  enter- 


Road  ahead  for  IOS 

Some  challenges  facing  Cisco’s  IOS  and  strategies  for  growth. 


Challenges 

•  Simplify  the  myriad  IOS  builds 
available  to  enterprise  customers  with 
a  more  modular  architecture. 

•  Improve  IOS  security  as  the  software 
becomes  a  more  visible  target  to  hack 
attacks. 

•  Let  IOS  interoperate  with  different 
types  of  devices  from  third-party 
vendors. 


prise  IT  shops  will  not  be  exactly  the  same 
IOS-XR  used  by  carriers  —  or  potentially 
used  by  carriers,  because  Cisco  hasn’t 
sold  a  CSR-1  yet. 

“The  [multi-chassis]  fully  distributed 
[IOS-XR]  model  that’s  appropriate  for 
major  service  provider  backbones  is  prob¬ 
ably  overkill  for  the  enterprise 


ANALYSIS 


market,"  McNealis  says.“We  would 
look  to  get  [corporations]  a  ver¬ 
sion  of  IOS-XR  that  is  maybe  less  sophisti¬ 
cated  and  complex.” 

McNealis  says  this  trickle-down  effect 
already  started  last  month  with  the  release 
of  IOS  High  Availability  (IOS-HA)  for  the 
Catalyst  6500.  A  new  feature  in  IOS  Version 


Strategies 

•  Move  the  modular  feature  of  IOS-XR 
currently  for  carriers  only  into  the 
enterprise  market. 

•  Explore  new  Cisco  platforms  to  deploy 
IOS  —  such  as  Linksys  small- 
office/home-office  devices. 

•  Add  software  redundancy  to  core  IOS- 
based  switch  platforms,  such  as  the 
Catalyst  6500,  and  beyond. 


12.2S  IOS-HA  lets  Catalyst  6500s  run  dual 
supervisor  cards  and  failover  without  los¬ 
ing  packets  or  causing  even  a  millisecond 
of  network  disruption, Cisco  says.This  tech¬ 
nology  used  previously  on  Cisco  120000 
series  routers,  improves  on  previous  redun¬ 
dant  configurations,  which  involved  a  sec¬ 
ondary  supervisory  module  rebooting  the 
router  when  the  primary  fails. 

IOS  evolution 

McNealis  says  the  road  to  the  new  QNX- 
based  IOS-XR  began  five  years  ago,  when 
Cisco  was  acquiring  start-ups  and  churning 
out  new  products  almost  monthly 

See  Cisco,  page  20 


IBM  adds  fourway  server  to  i5  line 


■  BY  PHIL  HOCHMUTH 

Companies  can  expect  to  see  more  mod¬ 
ularity  and  features  in  Cisco’s  IOS  software 
over  the  next  several  quarters,  as  the  ele¬ 
ments  of  technology  it  recently  introduced 


■  HP  last  week  released  the  final 
processor  upgrade  for  its  Alpha¬ 
Server  line  of  Unix  servers.  The  1.3- 
GHz  EV7z  marks  the  last  in  a  line  of 
RISC  processors  initially  developed  by 
Digital  Equipment  but  ultimately 
acquired  by  HP  as  part  of  its  2002 
acquisition  of  Compaq.  First  devel¬ 
oped  in  1992,  the  Alpha  processor  was 
highly  regarded  by  analysts  for  its 
technical  capabilities,  but  it  never 
managed  to  attain  the  market  share 
of  rival  RISC  processors  from  IBM, 
Sun  or  HP.  Its  death  blow  came  with 
the  Compaq  acquisition  when  it  be¬ 
came  a  victim  of  HP's  strategic  deci¬ 
sion  to  adopt  Intel's  Itanium  processor 
in  favor  of  RISC  alternatives.  HP  will 
continue  to  sell  its  AlphaServers 
through  2006  and  will  support  them 
until  2011.  The  EV7z  is  available  in  HP's 
AlphaServer  GS1280  servers,  which 
start  at  $96,100,  according  to  HP.  HP 
also  will  offer  a  faster,  1.15-GHz  ver¬ 
sion  of  the  EV7  processor,  which  ships 
in  its  lower-end  ES47  and  ES80  sys¬ 
tems.  Pricing  for  the  ES47  and  ES80 
systems  with  the  new  1.15-GHz  EV7 
will  start  at  $29,200  and  $49,300, 
respectively. 

■  Storage  start-up  Intransa  last 
week  unveiled  an  iSCSI  appliance 
designed  for  departmental  use.  The 
Intransa  IP  3000  Storage  System, 
which  is  available  in  2T-  and  4T-byte 
models,  connects  to  a  company's 
Gigabit  Ethernet  network.  The  IP  3000 
includes  point-in-time  copy-capability 
system  backup  and  built-in  mirroring. 

It  works  with  Windows,  Solaris  or 
Linux  hosts.  The  Intransa  IP  3000 
starts  at  $32,000  for  a  2T-byte  system. 
A  4T-byte  IP  3000  starts  at  $38,000. 


■  BY  TOM  KRAZIT 

IBM  last  week  bolstered  the  new  eServer 
i5  server  lineup  with  a  box  designed  for 
small  and  midsize  businesses  looking  for 
an  off-the-shelf  server  that  is  easy  to  inte¬ 
grate  into  an  existing  environment. 

A  new  system  based  on  the  Power  5 
chip  that  can  run  multiple  operating  sys¬ 
tems,  the  i5  550  is  the  third  i5  server  to 
emerge  from  IBM.  In  recent  months,  the 
company  has  moved  to  standardize  its 
former  pSeries  and  iSeries  servers  on  a 
common  set  of  components  and  operat¬ 
ing  systems. 

The  i5  servers,  the  former  pSeries  now 
known  as  p5  servers,  have  been  designed 
for  larger  businesses  that  require  a  custom 
server  for  their  environments. 


15  servers  come  with  IBM’s  i5/OS  operat¬ 
ing  system  and  DB2  database  software  but 
can  run  several  operating  systems,  includ¬ 
ing  Linux,  AIX  and  Windows.  IBM’s 
Virtualization  Engine  software  brings  par¬ 
titioning  and  system  management  capa¬ 
bilities,  once  confined  to  mainframe  sys¬ 
tems,  to  the  new  i5  series  servers. 

Customers  can  purchase  the  server  with 
several  application  bundles  from  software 
vendors  such  as  PeopIeSoft  and  Lawson 
Software,  or  a  version  with  IBM’s  Lotus 
Domino  e-mail  software. 

IBM’s  i5  550  server  comes  with  four 
Power  5  processors,  but  IT  managers  can 
choose  to  purchase  the  machine  with 
only  two  processors  activated  if  their 
application  workload  doesn’t  require  the 
additional  capacity  right  away  This  feature 


gives  those  businesses  the  flexibility  to 
purchase  a  two-way  server  but  have  the 
capacity  of  a  four-way  server  already  built 
into  the  system,  IBM  says. 

“The  550  is  the  one  you  buy  when  you 
know  that  four-way  is  as  big  as  I  need.  It 
lacks  the  additional  scalability  infrastruc¬ 
ture  and  is  thus  less  expandable,  but  the 
upside  is  you  get  it  at  a  better  price,”  says 
Jonathan  Eunice,  principal  analyst  with 
Illuminata. 

The  two-way  configuration  costs 
$74,000.  The  activation  fee  for  each  addi¬ 
tional  processor  is  $3,700,  plus  operating 
system  or  application  licensing  costs.  It 
will  be  available  next  month,  IBM  says. 

Krca.it  is  a  correspondent  with  the  IDG 
News  Service. 
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A  couple  of  months  ago,  Novell  an¬ 
nounced  that  anyone  who  wanted  to 
try  its  new  Linux  offerings  and  utili¬ 
ties  could  sign  up  for  what’s  called  the 
“Novell  Linux  Technical  Resource  Kit.” 
Well,  if  a  company  with  real  marketing 
had  been  behind  it  there  would  have 
been  great  fanfare  and  much  hoopla.This 
announcement  simply  showed  up  on  a 
Web  page.  This  is  Novell  we’re  talking 
about  after  all,  and, as  the  old  saying  goes, 
its  extremely  difficult  for  the  leopard  to 
change  its  spots. 

Still,  stealth  marketing  did  its  job  via 
word-of-mouth  and  the  occasional  men¬ 
tion  in  a  column  or  news  story.  Many  peo- 


Novell  shoots  blanks  on  Linux  offer 


pie  did,  in  fact,  sign  up  to  receive  the  free 
CD  containing: 

•  SuSE  Linux  Standard  Server  8.0  (ISO 
installation  images). 

•  SuSE  Linux  9.1  Professional  (bootable 
installation  DVD). 

•  Ximian  Desktop  2.0  Evaluation  (ISO 
image). 

•  Ximian  Red  Carpet  2.0.2  Evaluation 
(ISO  image). 

•  Novell  Linux  Services  1.0  (ISO  image  & 
NLS  companion  CD). 

•  Novell  GroupWise  for  Linux  6.5.1  — 
Server,  Client  &  Messenger  (ISO  images), 
and  a  lot  more. 

In  mid-July  Novell  announced  a  delay 
because  of  the  “phenomenal  response  to 
this  free  offer]’  according  to  a  note  sent  to 
those  who  had  registered  for  it,  but  it  was 
still  due  to  ship  in  late  July  Two  weeks  ago, 
in  mid-August,  recipients  were  finally  noti¬ 
fied  that  the  package  had  shipped  (“please 
allow  up  to  six  weeks  for  delivery  . . .”). 


Turns  out  that,  with  the  delay  the  Stan¬ 
dard  Server  8  had  turned  into  SuSE  Linux 
Enterprise  Server  9.  That’s  certainly  worth 
the  wait,  isn’t  it?  In  fact,  many  more  people 
now  thought  this  was  a  good  deal  and 
flocked  to  the  Novell  registration  page  to 
sign  up.  What  they  found  was  a  notice 
(www.nwfusion.com,  DocFinder:  3434) 
that  says,  in  part:“We  appreciate  your  inter¬ 
est  in  the  Linux  Technical  Resource  Kit, 
offered  by  the  Novell  Customer  Commun¬ 
ities.  At  this  time  we  are  not  accepting  any 
more  orders  . . .” 

Did  they  run  out  of  Linux? 

Maybe  it  was  all  just  a  marketing  scam  to 
get  you  to  give  Novell  your  e-mail  address 
so  it  could  spam  you  with  advertising. 
After  all,  most  people  still  haven’t  received 
the  package  that  they’d  expected  in  late 
July  Novell  might  be  the  bright  new  star  in 
the  open  source  firmament,  but  its  mar¬ 
keting  is  just  as  tarnished  as  ever. 


Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  reached  at  wired@ 
vquill.com. 


Tip  of  the  Week 


With  many  people  (IBM, 
me,  etc.)  warning  that 
Windows  XP  Service  Pack  2 

might  break  more  than  it 
fixes,  Microsoft  has  taken 
the  strange  step  of  creating 
what  amounts  to  being  a 
marketing  site  (DocFinder: 
3435)  for  the  update  in  order 
to  convince  you  that  you 
really  need  it! 


HP  ProLiant 
delays  continue 


■  BY  ROBERT  MCMILLAN 

HP  customers  will  continue  to 
have  difficulties  ordering  custom 
configurations  of  HP’s  ProLiant 
servers  through  the  end  of  this 
month,  company  executives  told 
attendees  at  the  HP  World  con¬ 
ference  last  week  in  Chicago. 

The  delays  are  caused  by  con¬ 
tinuing  problems  with  an  SAP 
order-processing  and  supply- 
chain  deployment  rolled  out  last 
month,  they  said. 

HP’s  troubles  began  over  the 
July  4  weekend  when  the  com¬ 
pany  rolled  out  the  system  de¬ 
signed  to  unify  the  Digital  Equip¬ 
ment,  Compaq  and  HP  order-pro¬ 
cessing  systems  the  company 
was  left  with  after  its  2002 
merger  with  Compaq,  said  Mark 
Gonzalez,  vice  president  of  HP 
America’s  enterprise  storage  and 
server  sales. 

The  glitches  affected  HP’s  stor¬ 
age,  Unix  and  ProLiant  products, 
Gonzalez  said. 

“It’s  systems  talking  to  systems,” 
he  said,  declining  to  explain  the 
specific  problems.“It  just  did  not 
quite  work  out.” 

HP  disclosed  the  problems  ear¬ 
lier  this  month  when  it  an¬ 
nounced  its  quarterly  financials, 
blaming  the  problems  for  a  $400 
million  revenue  shortfall  within 
the  company’s  Enterprise  System 
Group.  HP  CEO  Carly  Fiorina 


fired  Peter  Blackmore,  executive 
vice  president  of  HP’s  Customer 
Solutions  Group,  shortly  after  the 
problems  were  disclosed,  saying 
his  group’s  performance  was 
“unacceptable.” 

Company  executives  at  the 
show  stressed  that  the  majority 
of  problems  with  the  system  had 
now  been  ironed  out  and  that 
customers  should  no  longer 
experience  delays  when  they 
order  storage  or  Unix  systems. 

ProLiant  ordering  is  “pretty 
much  back  on  track  with 
the  exception  of  a  couple  of 
complex,  configure-to-order-type 
things,”  Gonzalez  said.  “By  the 
end  of  August,  we  should  be 
totally  squared  away,  but  the 
worst  is  behind  us.” 

HP  ships  approximately  163,000 
ProLiant  systems  per  month.  The 
vast  majority  of  those  systems  are 
not  customer  configured  and, 
therefore,  not  affected  by  the  con¬ 
tinuing  problems  with  the  system, 
Gonzalez  said. 

The  ordering  problems  were 
briefly  addressed  during  a  panel 
discussion  at  HP  World,  when  an 
audience  member  asked  Joe 
Nadler,  director  of  HP’s  business 
critical  systems,  America,  about 
the  reliability  of  system  ship  dates  j 
provided  by  the  current  system. 

McMillan  is  a  correspondent 
with  the  IDG  News  Service. 


Cisco 

continued  from  page  19 

“We  wanted  to  get  IOS  onto 
many  new  platforms  and  adopt  it 
to  all  different  kinds  of  proces¬ 
sors,”  McNealis  says.  “IOS  was 
being  stretched  in  many  different 
ways.  In  some  sense  we  had  been 
pushing  the  envelope.” 

This  led  to  the  now  infamous 
“feature  bloat”  associated  with 
IOS,  where  a  single  software 
image  can  include  everything 
from  X.25  and  ISDN  support  to 
VoIP  and  firewall  capabilities. 

Instead  of  making  a  new  IOS 
from  scratch,  or  adopting  an 
open  source  platform  such  as 
Linux  or  FreeBSD,  McNealis  says 
Cisco  chose  a  third-party  micro¬ 
kernel  for  the  new  IOS  QNX. 

“We  realized  the  core  compe¬ 
tency  of  our  software  division 
was  in  the  IP  service’s  function¬ 
ality  ...  we  were  not  fundamen¬ 
tally  operating  system  experts,” 
he  says. 

The  current  IOS  software  in¬ 
cludes  millions  of  lines  of  code, 
according  to  McNealis,  but  the 
QNX-based  microkernel  in  IOS- 
XR  has  only  80,000  lines. 

“That  compiles  very  nicely  and 
lends  itself  to  a  variety  of  smaller 
form  factors,”  McNealis  says.  The 
fact  that  IOS-XR  is  a  closed  system 
built  from  scratch  also  means  the 
code  will  be  less  susceptible  to 
backdoor  intrusions  or  vulnera¬ 
bilities  now  associated  with  IOS, 
he  adds. 

Besides  routers  and  switches, 
IOS  touches  most  of  the  ad¬ 
vanced  technology  areas  Cisco 
has  entered  in  the  last  five  years, 
such  as  security  VoIEstorage,  wire¬ 


less  and  optical,  says  Sangeeta 
Anand,  vice  president  of  product 
marketing  for  IOS.  She  says  a  shift 
to  a  modular-based  IOS  architec¬ 
ture  in  corporations  won’t  cause 
any  drastic  changes  in  how  a 
business  IP  network  operates. 

“[Customers]  want  a  common¬ 
ality  of  IP  services,"  Anand  says. 
“The  fact  that  an  underlying  oper¬ 
ating  system  is  Linux-based  or 
QNX-based  is  quite  secondary  to 
them.” 

Some  users  say  the  software 

II  The  key  to  the 
next-generation  IOS  is 
new  hardware.  11 

Frank  Dzubeck 

President,  Communications 
Network  Architects 

architecture  of  their  routers  is  a 
concern. 

“My  biggest  apprehension 
around  IOS  is  feature  bloat,”  says 
Scott  Pinkerton,  network  solu¬ 
tions  manager  for  Argonne  Na¬ 
tional  Laboratory  a  U.S.  Depart¬ 
ment  of  Energy  Research  center 
near  Chicago.  He  says  he’s  seen 
IOS  code  over  the  years  grow  to 
support  “the  A  to  Z  set  of  hard¬ 
ware  devices”  Cisco  offers. 

“1  really  don’t  use  Cisco  [prod¬ 
ucts]  A  to  Z,”  Pinkerton  says,  “so 
having  all  those  features  just  isn’t 
that  darn  impressive  to  me.” 

One  analyst  closely  watching 
IOS  development  says  a  modular 
IOS  holds  great  promise  for 
corporations  but  also  holds 


challenges. 

“The  key  to  the  next-generation 
IOS  is  new  hardware,”  says  Frank 
Dzubeck,  president  of  Commun¬ 
ications  Network  Architects,  an 
industry  analysis  firm.  “This  soft¬ 
ware  will  not  work  with  the  older 
hardware.” 

As  Cisco  begins  to  trickle  down 
IOS-XR-like  capabilities  to  corpo¬ 
rations,  new  router  and  switch 
platforms  probably  will  be  re¬ 
quired,  Dzubeck  says.  But  the  new 
capabilities  of  a  modular  IOS, 
where  services  run  like  applica¬ 
tions  on  top  of  a  kernel,  also 
could  lead  to  new  levels  of  net¬ 
work  reliability  and  new  features. 

“You  can  expect  Cisco  to  get 
more  and  more  focused  on  mov¬ 
ing  up  the  stack,”  Dzubeck  says. 
“And  the  platform  of  choice  for 
them  will  be  IOS.” 

With  firewalling, intrusion  detec¬ 
tion,  caching  and  VoIP  already 
staple  features  of  IOS,  new  fea¬ 
tures  such  as  route  control  or  bor¬ 
der  session  control  easily  could 
run  as  services  on  top  of  a  new 
modular  IOS  kernel. 

However,  corporations  will  have 
to  weigh  the  benefits  of  what  a 
new  IOS  would  bring  vs.  keeping 
an  installed  base  of  working 
Cisco  hardware  and  software. 

“This  is  one  of  those  strategic 
juncture  points  that  happens 
every  10  years  or  so,”  Dzubeck 
says.  “Mainframes  went  through 
this.  Even  Microsoft  went  through 
this,”  when  it  went  from  DOS  to 
Windows  95  to  2000. 

While  a  new  IOS  for  corpora¬ 
tions  might  introduce  fresh  bugs 
and  a  new  learning  curve,  it 
would  be  worth  it,  Argonne’s 
Pinkerton  says.  ■ 
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Learn  How  to  Achieve 
Storage  Networking  Success 


October  25-28,  2004  •  JW  Marriott  Grande  Lakes  Resort  •  Orlando,  Florida 


Learn  How  to  Achieve 
Storage  Networking  Success 

•  Get  a  Contemporary  Overview  of  Today’s  Storage  Networking  Issues  and  Opportunities 

•  See  How  to  Implement  and  Deploy  the  Latest  in  Storage  Networking  Technologies 

•  Hear  the  Latest  in  Enterprise  Security 

•  Learn  from  Best  Practices  and  Case  Studies 


”...  at  SNW,  you  connect  with 
folks  you  normally  wouldn’t 
meet  and  capitalize  on  the 
serendipitous  exchange 
of  ideas ...” 

a  John  Seely  Brown 

Former  Director,  Xerox 
Palo  Alto  Research  Center 
(PARC),  and  former  Chief 
Scientist,  Xerox 
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Why  You  Should  Attend 

Are  you  responsible  for  managing  your  company’s  storage  assets  and  strategies?  Want  to 
exchange  innovative  ideas  and  strategies  with  other  executives  who  share  the  same 
objectives?  Then  attend  Storage  Networking  World,  where  you’ll  network  with  and  learn 
from  renowned  experts  and  the  nation's  top  user  executives. 


Conference  At-a-Glance  ( subject  to  change) 

For  details,  updates,  and  to  register  visit  www.snwusa.com/nww 

MONDAY,  OCTOBER  25 


9:30am  to  10:25am 

1  INDUSTRY  PRIMER  TRACK 

1  INDUSTRY  PRIMER  TRACK 

1  CAREER  DEVELOPMENT  TRACK  1 

Addressing  High 

Density  Cooling  of 
Storage  Networking 
Equipment  at  the 

Facility  Level 

Donald  Beaty,  Founder  & 

President,  DLB  Associates 

Storage  Basics 
and  Trends 

Dennis  Martin,  Senior  Analyst, 
and  Greg  Schulz,  Senior  Analyst, 
Evaluator  Group 

Power  Statements, 
Questions  and 

Answers  Techniques 

Howard  Goldstein,  Founder, 

Howard  Goldstein  Associates,  Inc. 

10:35am  to  1 1 :30am 

Role  of  Server  Blades 
and  Virtualization  in  Next 
Generation  Data  Center 

Arun  Taneja,  Founder  and 
Consulting  Analyst,  Taneja  Group 

Why  Tape  Continues 
to  Make  the  Grade 

Richard  Harada,  President,  Tape 
Technology  Council 

1 1 :30am  to  1 :00pm  Luncheon 


Afternoon 


SNIA  Tutorial  Sessions 

1 :00pm  to  6:40pm 


•  Data  Lifecycle 

■  Virtualization  & 
Securing  Your  Storage 

•  Focus  on  Networking 
Your  Storage 

•  Focus  on  Storage 

■  SAN  Management 

•  Voice  of  the  User 

SNIA 


IDC  Briefing  Session 

1 :00pm  to  4:00pm 


®IDC 

In  this  fast-paced  session,  IDCs 
top  storage  analysts  will  examine 
companies’  growing  interest  in 
deploying  tiered  storage  solutions 
and  assess  its  impact  on  storage 
components,  systems,  networks, 
management  and  services. 


IT  End-User  Golf  Outing 

noon  to  approximately  6:00pm 


The  pre-  SPONSORED  BY 
conference  QuantUm 

golf  outing  _ _ _ 

at  the  Ritz-Carlton  Golf  Club  located 
gdjacent  to  the  JW  Marriott  Grande 
Lakes  Resort  is  complimentary  (a 
$  1 25  value)  for  registered  IT  end- 
users.  (Other  participants,  including 
sponsors  and  vendor  representatives, 
may  play  on  an  las  available"  basis 

and  are  responsi¬ 
ble  for  all  applica¬ 
ble  golf  outing 
expenses.) 

To  secure  your  spot, 
contact  Michael  Meleedy  at 
1-508-820-8529. 


7:00pm  to  9:00pm  Welcome  Reception 


October  25-28,  2004  •  JW  Marriott  Grande  Lakes  Resort  •  Orlando,  Florida 


For  more  information  and  to  register,  visit  www.snwusa.com/nww  or  call  1-800-883-9090 


TUESDAY,  OCTOBER  26  General  Sessions  Begin 


8:30am  to  9:15am 
9:15am  to  9:45am 
9:45am  to  10:15am 
10:30am  to  1 1:00am 
1 1:00am  to  1 1:30am 
1 1 :30am  to  noon 
12:15pm  to  1:30pm 


Don  Tapscott,  Renowned  Bestselling  Author  of  The  Naked  Corporation, 
Growing  Up  Digital  and  Paradigm  Shift 

The  Future  of  Knowledge  Management 

John  Halamka,  MD,  CIO,  CareGroup  Health  System  and  Harvard  Medical  School 

Kevin  Rollins,  President  &  COO,  Dell 
I  Keith  Glennan,  VP  &  CIO,  Northrop  Grumman  IT 


Elevating  the  Art  of  Storage 

Shinjiro  Iwata,  CEO,  Hitachi  Data  Systems 

Industry  Presidents’  Roundtable:  A  Market  Outlook 

Moderator:  Don  Tapscott,  Author  of  The  Naked  Corporation ,  Growing  Up  Digital  and  Paradigm  Shift 


CONCURRENT  LUNCHEON  SESSIONS 


General  Networking 
Luncheon 

On  the  Valencia  Lawn 


Luncheon  Session 

Steve  Duplessie,  Founder 
&  Senior  Analyst, 
Enterprise  Storage  Group 


Luncheon  Session: 
Measuring  the  Value 
of  IT  Investments 

Richard  Sneider, 
Managing  Partner, 
InterUnity  Group 


1:30pm  to  2:00pm 
2:00pm  to  2:30pm 
2:30pm  to  3:00pm 

3:00pm  to  3:45pm 

4:00pm  to  5:30pm 
5:30pm  to  8:30pm 


End  User  Case  Study:  Best  Practices:  Data  Center  Consolidation 

David  Cohen,  VP,  Technology  Architecture  Group,  Merrill  Lynch 

Greg  Reyes,  Chairman  &  CEO,  Brocade  Communications  Systems 


End  User  Case  Study:  Evaluating  Options  for  Business 
Continuity/Disaster  Recovery  Plans 

Rod  Mueller,  Manager  of  Technology  and  Infrastructure,  International  Paper 

CTO  Insights  Panel 

Moderator:  Jon  William  Toigo,  CEO  &  Founder,  Toigo  Partners  International 


a 


CONCURRENT  SESSIONS 


Expo  with  Dinner  /  Interoperability  &  Solutions  Demo  Open  ^  s  Solutions 


5:30pm  to  8:30pm 


■  DEMO 


WEDNESDAY,  OCTOBER  27 


8:30am  to  9:15am 

9:15am  to  9:45am 
9:45am  to  10:15am 

10:30am  to  1 1:00am 


1 1 :00am  to  1 1 :30am 

1 1:30am  to  12:15pm 

12:15pm  to  1:45pm 
1:45pm  to  2:15pm 
2:15pm  to  2:45pm 

2:45pm  to  3:30pm 

3:45pm  to  5:15pm 

5:15pm  to  7:15pm 
7:30pm  to  9:00pm 


Nick  Carr,  former  Executive  Editor  of  the  Harvard  Business  Review 
and  author  of  Does  IT  Matter? 

End  User  Case  Study 
Industry  Leader  Presentation 

End  User  Case  Study:  Realizing  the  Vision  of  Management  Simplicity 
and  Improved  Business  Processes  in  a  Demanding,  Distributed, 
High-Performance  Environment 

Michael  Prince,  VP  &  CIO,  Burlington  Coat  Factory 

The  Half-Life  of  Storage  Trends 

Peter  van  Oppen,  Chairman  &  CEO,  ADIC 

Panel:  End  Users  Speak  Out 

Moderator:  John  Dix,  Editor  in  Chief,  Network  World 
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Expo  &  Luncheon 

End  User  Case  Study 

Industry  Leader  Presentation 

Analyst  Roundtable  Panel 

Moderator:  Jon  William  Toigo,  CEO  &  Founder,  Toigo  Partners  International 

INTEROPERABILITY  &  SOLUTIONS 
DEMO  OPEN 

12:15pm  to  7:15pm 

_T  ,  Interoperability 

4  Solutions 

■  DEMO 

See  SNW’s  Interoperability 
&  Solutions  Demo 

•  40-plus  SNIA  member  companies 
collaborating  on  integrated  solutions 

*  the  opportunity  to  meet  leading 
experts  and  engineers 

CONCURRENT  SESSIONS 

Expo  and  Reception 

Gala  Evening,  Dinner  and  Entertainment 

THURSDAY,  OCTOBER  28 


7:30am  to  8:30am 
8:30am  to  Noon 
Noon 


Breakfast 


CONCURRENT  TECHNICAL  &  BUSINESS  TUTORIALS 


Conference  Concludes 


SNW,  more  than  other 
conferences,  brings  together 
all  the  right  vendors  and  all 
the  right  users  -  users  who 
can  properly  leverage 
available  technology  and 
influence  vendors  in 
developing  the  next  generation 
of  storage  products ..." 


Andre  Mendes 
Chief  Technology 
Integration  Officer 
Public  Broadcasting  Service 


"...  SNW  is  a  great  venue 
for  peer  discussion  ...  an 
opportunity  to  provide 
feedback  to  vendors  on 
what  users  need  from  them  ... 
I  sat  down  with  my  key 
vendors  and  shared 
information 


John  Greer 

RPS  Director,  IT  Infrastructure 
Pacific  Gas  &  Electric 


JW  Marriott 
Grande  Lakes 
Resort 

Orlando,  Florida 


Hotel  Reservations 
and  Travel  Services 


IDG  Travel  is  the  official 
travel  company  for  Storage 
Networking  World,  They 
are  your  one-stop  shop 
for  exclusive  discounted  rates  on 
hotel  accommodations. 


mlDG 

TRAVEL  SERVICES 


To  reserve  your  accommodations,  visit: 

www.etcentral.com 


You  can  also  call  our  conference  housing  line  at: 

1-800-340-2262  (or  1-508-820-8686) 


For  more  information  and  to  register,  visit  www.snwusa.com/nww  or  call  1-800-883-9090 
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COMPUTERWORLD 

October  25-28,  2004 
JW  Marriott 
Grande  Lakes  Resort 
Orlando,  Florida 


Application  for  Conference  Registration 

Fax  this  completed  application  to  1  -508-820-8254  or  apply  online  at:  www.snwusa.com/nww 


Your  business  card  is 
REQUIRED 

to  process  your  application 

Please  affix  your  business  card  to  this  space  prior  to 
submitting  your  application.  Applications  submitted 
without  business  cards  will  not  be  processed. 

Questions?  Call  1-800-883-9090 


If  not  indicated  on  your  business  card,  please 
provide  the  following  required  information: 


Corporate  Email  Address 


Corporate  Website 


Registration  questions? 

Call  1  -800-883-9090  or  email  snwreg@computerworld.coii 

Need  accommodations? 

Reserve  them  at  www.etcentral.com 

Please  call  1-800-340-2262 
or  email:  eventhousing@idg.com 


Please  check  ONE  of  the  following: 

Earlybird  Registration  (through  September  14, 2004) 

Full/Onsite  Registration  (after  September  14,2004) 

Q  1  am  an  IT  End-User* 

(Complete  Attendee  Profile  below) 

□  $895  General  Conference  Package  (October  26  &  27) 
(includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 

□  $1,290  Total  4-Day  Package  (October  25,  26,  27,  28) 
(includes  General  Conference,  plus  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 

□  $1,295  General  Conference  Package 

(includes  General  Conference  Sessions.  Expo,  Meals  &  Receptions) 

□  $1,690  Total  4-Day  Package  (October  25,  26,  27,  28) 
(includes  General  Conference,  plus  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 

*  IT  End*Users  are  defined  as  those  who  are  attending  Storage  Networking  World  with  an  intent  (and  an  [T  spending  budget)  to  potentially  buy/lease  hardware/ software/services,  etc.  from  our  conference  sponsors  and  are  not  themselves  an  IT  vendor  As  such,  account  representatives, 
business  development  personnel,  analysts,  consultants  and  anyone  else  attending  who  does  not  have  IT  purchasing  influence  within  their  organization  are  excluded  from  the  "IT  End-User"  designation.  Interpretation  and  enforcement  of  this  policy  are  at  the  sole  discretion  of  Computerwo 


□ 


I  am  a  Channel  Partner/ 
Integrator/Consultant 

(Complete  Attendee  Profile  below) 


□  $3,000  Total  4-Day  Package  (October  25,  26,  27,  28) 
(includes  General  Conference;  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA  Certification  “Test-Ready"  Courses) 


□  $3,300  Total  4-Day  Package  (October  25,  26,  27,  28) 
(includes  General  Conference;  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA  Certification  “Test- Ready"  Courses) 


By  participating  in  SNW's  Channel  Partner/Integrator  registration  package,  registrants  may  enjoy  the  following  benefits:  One  company  representative  may  receive  a  full  conference  pass  to  SNW  Fall  2004;  additional  company  representatives  pay  $695  each 
for  full  conference  passes;  company  may  invite  up  to  five  IT  User  customers  to  attend  SNW  Fall  (IT  Users  must  be  strictly  compliant  with  IT  User  definition  on  the  supplied  registration  form);  companies  registering  for  this  package  interested  in  joining  the 
SNIA  are  eligible  to  receive  a  $2,000  discount,  provided  that  membership  is  applied  for  prior  to  January  1, 2005. 


Attendee  Profile:  This  section  MUST  be  completed  by  IT  End-Users  and  Channel  Partners/Integrators/Consultants  only  (optional  for  all  other  registrations) 

The  one  item  that  best  describes  your  involvement  in  the 
IT  purchase  process 

□  Authorize  the  purchase 


Your  Business/Industry 

□  Transportation/Utilities 

□  Mining/Oil/Gas 

□  Non-Profit/Trade  Association 

□  Media/Publishmg 

□  Banking 

□  Finance 

□  Accounting 

□  Insurance 

□  Real  Estate 

□  Telecommunications 

□  Wholesale/Retail  (non-computer) 

□  Computer  Service  Provider 

□  Advertising/Marketing/Public  Relations 


□  Manufacturing  (IT)  (Channel/Integrator/Consultants  Only) 

□  Computer  Retailer/Dealer/Wholesaler 
(Channel/Integrator/Consultants  Only) 

□  Software  Development  (Storage) 
(Channel/Integrator/Consultants  Only) 

□  Other  Computer  Related  (Storage) 
(Channel/Integrator/Consultants  Only) 

□  Other 


□  Approve  the  budget 

□  Initiate  the  purchase 

□  Evaluate/recommend  products,  brands,  vendors 

□  Identify/establish  the  need  to  purchase 

□  All  of  the  above 


Entertainment 

□  Education 

O  Food  Industry 

□  Government/Military 

□  Healthcare/Medical  Services 

□  Travel/Hospitality/Recreation 

□  Manufacturing  (non-IT) 

□  VAR/VAD/ASP/System  Integrator 
(Channel/Integrator/Consultants  Only) 

□  Industry  Consultant/Storage  Solution  Integrator 
(Channel/Integrator/Consultants  Only) 


Your  Job  Title/Function 

□  CEO/COO/Chairman/President 

□  CIO/CTO 

□  VP/GM/Director 

□  IS/IT  Director/Manager 

□  Other  IS/IT  Department  Manager/Supervisor 

□  Other  Corporate/Business  Manager 

□  CEO/COO/Chairman/President 
(Channel/Integrator/Consultants  Only) 

□  CFO/Controller/Treasurer 
(Channel/Integrator/Consultants  Only) 

□  VP/GM/Director  (Channel/Integrator/Consultants  Only) 

□  Sales/Marketing/Product  Staff 
(Channel/Integrator/Consultants  Only) 

□  CIO/CTO/Other  IS/IT  Manager 
(Channel/Integrator/Consultants  Only) 

□  Engineering  Staff  (Channel/Integrator/Consultants  Only) 


Number  of  employees  in  your  entire  organization  (ALL  locations) 

□  Over  10,000 

□  5,000  -  9,999 

□  1,000-4,999 

□  500  -  999 

□  Less  than  500 


in  order  to  process  your  application. 

Your  organization's  annual  IT/IS  budget  for  all  IT/IS 
products,  or  if  you  are  a  Channel/Integrator  Partner  or 
Consultant,  what  is  the  annual  dollar  value  of  IT  prod¬ 
ucts/services  you  sell/resell/recommend/influence  for 
purchase  by  your  customers/clients. 

□  Over$1  Billion 

□  $500  Million  -  $999  Million 

□  $100  Million  -  $499  Million 

□  $10  Million  -  $99  Million 

□  $1  Million  -  $9.9  Million 

□  Less  than  $1  Million 


What  is  the  estimated  annual  revenue  of  your  entire 
organization? 

□  Over  $10  Billion 

□  $1  Billion  -  $9.9  Billion 

□  $500  Million  -  $999  Million 

□  $100  Million -$499  Million 

□  Less  than  $100  Million 


Annual  company  IT  budget  (storage  products  and  services' 

□  Over$1  Billion 

□  $500  Million  •  $999  Million 

□  $100  Million  -  $499  Million 

□  $10  Million- $99  Million 

□  $1  Million  -  $9.9  Million 

□  Less  than  $  1  Million 


Would  you  like  to  receive  information  about  playing  in 
the  golf  outing  on  Monday,  October  25th? 

□  Yes 

□  No 


1  My  company  is  Sponsoring/  □  $895  (through  September  14.2004) 

Fxhihitinn  at  SNW  General  Conference  Package  (October  26  &  27) 

®  (includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 

□  $1,290  Total  4-Day  Package  (October  25,  26,  27,  28) 

(includes  General  Conference,  plus  Technical  and  Business  Tracks, 

SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready”  Courses) 

As  a  sponsor,  you  may  be  eligible  to  attend  using  a  registration  provided  with  your  sponsorship.  (If  those  registrations  have  already  been  assigned/used,  then  you  may  register  at  the  prevailing  rates  above.)  See  the  current  list  of 
sponsors  at  www.snwusa.com.  Questions?  Call  1  -800-883-9090  or  email  snwreg@computerworld.com. 


□  $1,295  (after  September  14.  2004) 

General  Conference  Package  (October  26  &  27) 

(includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 

□  $1,690  Total  4-Day  Package  (October  25,  26,  27,  28) 
(includes  General  Conference,  plus  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 


□  I  am  a  representative  of  a  Non-Sponsoring  IT  Vendor  Company 

□  $5,000  Business  Development  Professional  Package  for  Sales,  Marketing  and  Business  Development  Professionals  (includes  General  Conference  Sessions,  Expo,  Meals  &  Reception: 


Vendors  are  encouraged  to  participate  in  Storage  Networking  World  through  sponsorship.  (Details  are  available  by  calling  Ann 
Harris  at  508-820-8667.)  Alternatively,  vendors  (as  well  as  other  “non-IT  end-user"  professionals  as  defined  by  Computerworld), 
may  apply  for  registration  at  the  "non -sponsoring  vendor"  rate  of  $5,000.  Determination  of  what  constitutes  a  “non -sponsoring 
vendor"  registration  is  made  exclusively  by  Computerworld.  Please  call  888-239-4505  with  questions 


□  I  am  a  Financial/Equity  Analyst 

□  $1,290  (through  September  14.  2004) 
General  Conference  Package 
(includes  General  Conference  Sessions,  Expo, 
Meals  &  Receptions) 


and/or  Venture  Capital  Professional 

□  $1,690  (after  September  14,  2004) 
General  Conference  Package 
(includes  General  Conference  Sessions,  Expo, 
Meals  &  Receptions) 


I  I  I  am  a  qualified  member  of  the  press.  I  can  verify  my  press  credentials. 

Press  should  call  Erin  Keefe  at  1  -781  -915-5009  to  register. 

Please  fax  this  completed  application 
to  1-508-820-8254 


Payment  Method 


□  Check  ( checks  must  be  received  by  October  5,  2004  payable  to:  Computerworld) 

Mail  to:  Computerworld,  Attn:  Pam  Malingowski.  500  Old  Connecticut  Path,  Framingham,  MA  OK 

□  American  Express  □  VISA  □  MasterCard 

Account  Number: _ _ _ , 

Expiration  Date: _ ________ _ 

Card  Holder  Name:  _ _ _ _ _ 

Signature  of  Card  Holder: _ 

Cancellation  Policy  (All  of  the  following  require  written  notification  by  October  5, 2004.) 

In  the  event  of  cancellation,  the  registrant  has  three  options: 

1 )  He  or  she  may  substitute  another  attendee  for  this  conference. 

2)  He  or  she  may  transfer  this  registration  to  the  Storage  Networking  World  Spring  2005  conference. 

3)  The  registration  fee  will  be  refunded,  less  a  $250  service  charge  (if  written  notice  is  received  by  October  5, 20C 

Please  send  cancellation  requests  via  email  to:  snwreg@computerworld.com 
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NetworkWorld 


■  PORTALS  ■  MESSAGING/GROUPWARE 

■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


Microsoft’s  NAP  partners  eye  first  steps 


Company’s  Network  Access  Protection  plan  requires  lots  of  third-party  buy-in. 


■  BY  TIM  GREENE 

While  there  is  much  ballyhoo  about  the 
Vlicrosoft  initiative  to  protect  networks 
from  infected  machines,  customers  look¬ 
ing  to  take  advantage  of  the  company’s 
Metwork  Access  Protection  architecture 
will  have  to  wait  for  its  partners  to  step  up 
before  it  becomes  a  broad  security  tool. 

NAP  ultimately  will  supply  the  means  to 
check  whether  computers  trying  to  gain 


■  McAfee  IS  buying  Foundstone  for 

$86  million.  The  acquisition  will  add 
Foundstone's  line  of  vulnerability 
management  software  to  McAfee's 
growing  list  of  security  products. 
McAfee  plans  to  combine  Found- 
stone's  technology  for  spotting  and 
remediating  software  vulnerabilities 
with  its  intrusion-detection  and  secu¬ 
rity  policy  management  products, 
allowing  companies  to  identify  and 
shield  high-priority  computer  assets 
from  attack.  McAfee’s  purchase  of 
Foundstone  follows  moves  in  the  last 
year  to  focus  its  product  offerings 
and  improve  its  standing  in  the  intru¬ 
sion  detection  and  prevention  mar¬ 
ket.  In  April  2003,  McAfee,  formerly 
Network  Associates,  paid  $220  mil¬ 
lion  to  purchase  IntruVert  Networks 
and  Entercept  Security  Technologies. 

■  Vidius,  which  makes  the  Port- 
Authority  product  for  monitoring 
and  blocking  sensitive  e-mail  and  files 
from  unauthorized  outbound  trans¬ 
mission  to  the  Internet,  last  week 
announced  the  third  version  of  its 
gateway.  PortAuthority  Version  3.0, 
which  costs  $35  per  user  with  $7,500 
for  a  server  license,  now  can  route 
suspicious  traffic  to  third-party  prod¬ 
ucts  for  secure  storage.  The  product 
also  can  ensure  sensitive  information, 
including  Social  Security  numbers 
and  credit  card  numbers,  aren't 
leaked  out  even  if  reformatted  or 
moved  into  other  files  or  messages. 


access  to  networks  are  configured  in  com¬ 
pliance  with  security  policies.  The  larger 
scheme  is  to  create  a  platform  that  lets 
servers,  switches,  routers,  desktops,  gate¬ 
ways,  firewalls  and  security  software  cre¬ 
ate  a  broad  security  infrastructure, 
Microsoft  says. 

“Today  none  of  those  entities  work 
together  in  terms  of  security  says  Siva 
Ananmaly,  vice  president  of  engineering 
for  Extreme  Networks,  a  NAP  partner. “They 
connect  to  one  another  but  they  really 
don’t  do  anything  to  cooperate  with  one 
another  in  terms  of  securing  the 
network.” 

NAP  is  a  policy  enforcement  platform 
built  into  Windows  XP  clients  and 
Windows  2003  Server  that  can  restrict 
clients  from  accessing  networks  until  they 
prove  they  are  compliant  with  network 
security  policies.  XP  clients  report  on  PC 
configuration,  and  Windows  2003  Server 
checks  whether  configurations  meet  poli¬ 
cies.  If  not,  the  server  can  direct  the  PC  to  a 
restricted  network  segment  to  get  the 
updates  it  needs  to  comply  (see  graphic). 

See  NAP,  page  22 
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NAP  relies  on  partners 

As  computers  seek  access  to  corporate  networks,  Microsoft's  Network  Accesss 
Protection  checks  whether  they  comply  with  security  policies,  and  if  not,  are  barred 
or  sent  to  a  remediation  server  where  updates  bring  them  into  compliance.  Microsoft 
partners  will  integrate  their  gear  with  N  AP. 

Remediation  server 


NAP  client  in  Windows  XP  talks  to  partner 
software  to  determine  status  of  firewalls  and 
anti-virus  software. 


NAP  server 


VPN/SSL  gateway 


NAP  server  checks  with  policy  serverto  determine  if  PC 
meets  security  policies, a  nd  if  not  directs  switches  and 
gateways  to  shut  down  connections  or  divert  them  to  an 
isolated  remediation  server. 


Policy  server 


Symantec  offers  patching  help 

Software  designed  to  help  SMBs  deal  with  Microsoft  vulnerabilities. 


■  BY  PAUL  ROBERTS 

Symantec  last  week  announced  a  patch 
management  product  that  it  says  will  let 
users  more  effectively  stay  on  top  of  soft¬ 
ware  vulnerabilities. 

Symantec  ON  iPatch  Version  1.1  is  Micro¬ 
soft  Windows-based  software  that  can 
scan  a  computer  network  for  Windows 
machines,  determine  which  software 
patches  those  machines  have  installed 
and  automatically  download  and  install 
missing  patches  on  machines  that  need 
them,  the  company  says. 

Symantec  acquired  the  iPatch  technol¬ 
ogy  when  it  bought  ON  Technology  for 
$100  million  in  October  2003.  The  patch¬ 
ing  tool  was  previously  sold  only  with  the 
Symantec  ON  iCommand  configuration 
management  product. 

The  company  decided  to  break  out  the 
patching  component  so  it  could  target 
companies  with  fewer  than  2,000 


employees  that  might  not  be  interested 
in  the  full  iCommand  suite,  says  Thom 
Bailey,  director  of  product  management 
in  Symantec’s  enterprise  administration 
business  unit. 

“These  are  companies  that  don’t  have 
the  staff,  the  time  or  the  large  infrastruc¬ 
ture  in  place  to  couple  patch  manage¬ 
ment  with  other  technology^’  Bailey  says. 

ON  iPatch  is  a  software-only  product  that 
can  run  on  Windows  2000,  XP  or  Server 
2003  machines.  The  product  can  analyze 
the  software  patch  status  of  Windows 
machines  but  not  those  using  other  oper¬ 
ating  systems.  Links  in  the  product  con¬ 
nect  customers  to  Microsoft’s  patch-distri¬ 
bution  Web  site,  from  which  the  patch  can 
be  downloaded  and  installed. 

“We  wanted  to  really  focus  on  Microsoft 
because  that’s  where  the  majority  of  pain 
is  in  patch  management  in  smaller  shops,” 
he  says. 

Support  for  other  operating  systems  is 


possible  in  future  iPatch  releases,  as  are 
features  that  would  let  companies  test 
patches  before  deployment  and  link 
iPatch  to  Symantec’s  Drive  Image  disk 
back-up  product,  he  says. 

ON  iPatch  uses  a  scanning  engine  devel¬ 
oped  by  a  patch  management  technology 
company  Shavlik  Technologies  to  deter¬ 
mine  the  patch  status  of  machines  it 
scans. 

The  patch  management  product  pricing 
starts  at  $23.80  per  seat  for  10  to  24  seats. 
A  license  that  covers  up  to  1,000  seats 
costs  about  $19  per  seat,  Bailey  says. 

Roberts  is  a  correspondent  with  the  IDG 
News  Service. 
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There  is  something  in  a  standards  orga¬ 
nization  that  abhors  a  limit.  The  latest 
example  is  the  work  underway  in  the 
IEEE  802.1  In  project. 

There  is  a  lot  of  wrangling  to  go  yet  but 
the  goals  of  the  project  are  impressive 
enough.The  High  Throughput  Study  Group 
(802.1  In)  (see  www.nwfusion.com,  Doc- 
Finder:  3428)  was  authorized  by  the  IEEE 
about  a  year  ago  to  define  a  new  version  of 
the  wildly  popular  802.11  wireless  LAN 
standard  that  could  run  at  twice  (or  more) 
the  speed  of  the  54M  bit/sec  802.1  la/g 
standards.  (The  formation  document  for 
the  study  group  —  see  DocFinder:  3429  — 
and  the  project  criteria  —  DocFinder:  3430 
—  are  available  on  the  IEEE  Web  site.) 

The  presentations  to  explain  individual 
proposals  for  technology  to  meet  the  crite- 


Faster  than  you 

ria  were  due  mid-August.  Last  June  more 
than  60  people  had  indicated  that  they  in¬ 
tended  to  make  presentations  about  full  or 
partial  proposals,  but  I’ve  not  seen  how 
many  submitted  presentations. 

Two  groups  seem  to  have  decided  that 
PR  campaigns  might  help  their  chances 
when  it  comes  to  getting  their  proposals 
adopted.  The  first  group,  Task  Group  n, 
which  is  calling  its  proposal  TGn  Sync, 
includes  Agere  Systems,  Atheros,  Intel, 
Nokia,  Philips  and  Sony  There  is  a  white 
paper  on  the  TGn  Sync  proposal  at  (see 
DocFinder:  3431). The  other  group  calls  its 
proposal  WWiSE,  which  stands  for  World- 
Wide  Spectrum  Efficiency  The  WWiSE 
group  includes  Airgo,  Bermai,  Broadcom, 
Conexant,  STMicro  and  Texas  Instruments 
and  has  a  Web  site  at  www.wwise.org. 

The  name  of  the  second  proposal  alludes 
to  one  of  the  differences  between  them  — 
the  WWiSE  proposal  uses  20-MHz  chan¬ 
nels,  which  are  supported  in  all  countries 
and  the  TGn  Sync  proposal  uses  40-MHz 
channels,  which  are  not  supported  in 
Japan  but  can  back  off  to  20-MHz  chan¬ 


www.nwfusion.com 


need  is  not  fast  enough 


nels.  Both  proposals  include  modes  that 
are  compatible  with  802.1  la/b/g  and  other 
modes  that  support  500M  bit/sec  or  faster 
data  rates. 

One  hopes  these  two  groups  can  work 
together,  along  with  some  subset  of  the 
other  proposers,  to  come  up  with  one  stan¬ 
dard  within  a  reasonable  time  period. 

The  WWiSE  group  is  taking  an  interesting 
tact  by  offering,  with  some  specific  condi¬ 
tions,  to  license  the  technology  in  their  pro¬ 
posal  royalty-free  to  companies  imple¬ 
menting  the  resulting  IEEE  standard 
(assuming  their  proposal  becomes  the 
standard). This  might  look  better  than  it  is 
because  these  days  it’s  unlikely  that  the 
members  of  any  particular  group  will  own 
or  control  all  the  patents  that  lawyers 
somewhere  will  apply  to  a  standard.  Just  to 
make  the  intellectual  property  rights 
games  more  interesting,  there  is  no  reason 
to  think  that  all  the  companies  that  might 
decide  to  assert  patent  rights  in  the  future 
are  currently  participating  in  the  IEEE  dis¬ 
cussions  where  they  might  have  to  disclose 
such  patents  or  patent  applications. 


I’m  sure  that  bandwidth-wasting  applica¬ 
tions  will  be  developed  (like  the  memory- 
wasting  applications  so  popular  for  PCs 
these  days)  that  will  make  use  of  the  data 
rates  that  802.1  In  will  enable.  But  in  the 
meantime,  I  can  get  the  same  vicarious 
thrill  with  wireless  as  1  do  now  with  my 
Gigabit  Ethernet-equipped  laptop  plugged 
into  my  home  Gigabit  Ethernet  LAN  and 
connected  to  my  rather  non-gigabit  cable 
modem. 

I’m  sure  there  are  theoretical  and  practi¬ 
cal  limits  to  the  data  rates  that  can  be 
teased  out  of  this  type  of  technology  but, 
using  history  as  a  guide,  I  wouldn’t  want  to 
bet  on  what  the  standards  will  include  10 
years  from  now. 

Disclaimer:  Part  of  Harvard’s  job  is  the 
testing  of  perceived  theoretical  and  practi¬ 
cal  limits  on  all  sorts  of  things,  but  I  didn’t 
ask  about  this  particular  one,  thus  the 
above  opinion  is  mine. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com. 
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continued  from  page  21 

Announced  last  month,  NAP  is 
due  out  sometime  next  year  and 
has  more  than  20  vendors  signed 
on  as  partners,  including  hard¬ 
ware  vendors  Enterasys,  Extreme, 
Foundry  Networks,  ProCurve 
(HP)  and  Juniper,  as  well  as  a 
range  of  software  makers. 

That’s  all  Microsoft  will  reveal 
about  NAP  but  its  partners  have 
hopes  that  it  can  be  used  as  a 
platform  to  bind  their  products  to 
those  of  other  vendors  with  the 
aim  of  making  networks  more 
secure. 

For  example,  with  NAP  in  place 
it  could  become  possible  for  an 
Extreme  Black  Diamond  10K 
switch  that  detects  a  radical  jump 
in  traffic  from  a  specific  desktop 
to  check  whether  that  behavior 
should  be  blocked,  allowed  or 
monitored  further  to  determine  if 
it  represents  a  threat,  Ananmaly 
says.These  are  decisions  a  switch 
or  router  cannot  make  alone. 

A  policy  server  —  either  Micro¬ 
soft’s  or  some  other  vendor’s  — 
consulted  by  the  NAP  server 
could  issue  orders  for  the  net¬ 
work  to  take  whatever  action  the 
policy  specifies. “This  is  where  in¬ 
tegration  with  NAP  becomes  only 
a  way  to  effectively  implement 
policy  because  policy  can  mean 
a  wide  range  of  outcomes,”  he 
says. 

To  support  NABvendors  are  writ¬ 
ing  links  to  Microsoft  NAP  server 
and  NAP  client  software  so  they 
can  share  information  and  to  take 


instructions  from  other  network 
elements  as  coordinated  through 
the  NAP  server. 

Alternatives  to  NAP  include 
Cisco’s  proprietary  network  ad¬ 
mission  control,  and  a  similar 
plan  from  the  Trusted  Computing 
Group  would  result  in  an  open 
architecture  relying  on  the  IEEE 
standard  802.  IX.  NAP  too,  would 
be  open  to  all  vendors. 


Initially,  NAP  promises  more 
modest  goals  of  quarantining  traf¬ 
fic  from  computers  that  are  trying 
to  access  networks  but  whose 
configuration  fails  to  meet  secur¬ 
ity  policies. 

At  this  point,  hardware  vendors 
can  work  with  Microsoft  to  make 
their  gear  interoperable  with 
NAR says  Doug  Patteson,  manager 
of  secure  networks  certification 
program  for  Enterasys.  “What  we 
want  to  make  sure  is  that  we  can 
add  value  to  NAP  and  tie  it  into 
our  policy-based  Secure  Network 
Solution.” 

For  example,  if  a  computer 
meets  network  security  policies 
checked  by  NAP  but  nevertheless 
carriers  a  worm  or  Trojan,  it  could 
clog  the  network  with  malicious 
traffic.  We’ve  got  some  ability  to 
have  a  back-up  solution  should 


that  kind  of  attack  occur)  Patteson 
says.“We’d  have  a  second  level  of 
defense  in  the  network  fabric  — 
shut  off  a  switch  port,  for 
instance.” 

Juniper,  another  NAP  partner, 
likely  will  tie  its  Secure  Sockets 
Layer  (SSL)  remote-access  gear 
into  the  Microsoft  scheme.  Using 
the  NAP  capability  to  check 
whether  a  remote  machine  is 


compliant,  the  SSL  gear  could 
determine  whether  to  allow  or  re 
strict  its  access  via  its  Instant 
Virtual  Extranet  SSL  gateway  says 
Matt  Palmer,  Juniper’s  senior  man¬ 
ager  of  strategy  and  corporate 
development. 

Future  enhancements  are  possi¬ 
ble,  he  says  but  he  would  not 
specify  what  they  might  be.  “NAP 
gives  us  an  API  to  write  to  on  the 
desktop,”  so  the  company  could 
integrate  its  gateways  with  other 
vendors’  endpoint  security  soft¬ 
ware,  he  says. 

“The  benefit  of  NAP  is  we  can 
get  away  from  isolated  islands  of 
vendors,”  whose  gear  might  per¬ 
form  well  on  its  own  but  is  not 
easily  brought  into  an  overarch¬ 
ing  security  plan,  says  Andrew 
Harding,  Juniper’s  director  of  pro¬ 
duct  management.  “Rather  than 


assign  single  tasks  for  each  ven¬ 
dor’s  equipment,  you  can  recon¬ 
cile  a  policy  across  the  network,” 
he  says. 

Check  Point  is  not  a  NAP  part¬ 
ner,  but  it  says  an  open  policy 
enforcement  platform  is  a  good 
idea,  citing  its  own  efforts  to  use 
the  802.  IX  standard  to  link  its 
endpoint  checking  Integrity 
SecureClient  software  to  switches 
and  routers  made  by  Cisco, 
Enterasys,  Extreme  and  Foundry 

“It’s  undesirable  to  replace  a 
good  and  open  standard  on 
switches  for  something  that  won’t 
be  available  for  a  few  years,”  says 
Chad  Harrington, director  of  enter¬ 
prise  products  for  Check  Point. 

Accepting  NAP  could  present 
software  vendors  with  a  new,  for¬ 
midable  competitor,  namely 
Microsoft,  says  Jon  Oltsik,  senior 
analyst  for  information  security  at 
Enterprise  Strategy  Group.  Once 
Microsoft  establishes  credible 
security  software  that  is  bundled 
in  its  client  and  server  software  at 
no  extra  cost,  even  its  software 
partners  might  be  threatened,  he 
says.“lf  Microsoft  comes  out  with 
comparable  feature  functionality 
then  economy  wins  out,”  he  says. 

Switch/router  vendor  Nortel  is 
not  on  the  list  of  partners  but  says 
it  is  in  negotiations  with  Microsoft 
to  join  the  NAP  alliance.  Beyond 
ensuring  interoperability,  the  com¬ 
pany  will  see  whether  some  of  its 
technology  can  benefit  from  the 
endpoint  security  NAP  promises, 
a  Nortel  spokesman  says.“We’re  at 
the  start  of  the  process  rather  than 
at  the  end,”  the  spokesman  says. 


I  fc  The  benefit  of  NAP  is  we  can  get  away 
from  isolated  islands  of  vendors .11 

Andrew  Harding 

Director  of  product  management,  Juniper 


Joining  NAP  would  be  in  char¬ 
acter  with  Nortel’s  past  practices. 
The  company  already  teams  with 
Check  Point  by  running  its  Fire- 
wall-1  software  on  Nortel  Alteon 
switches.  It  also  already  has  ad¬ 
dressed  endpoint  security  with 
Tunnel  Guard,  software  that 
denies  VPN  access  to  machines 
that  fail  to  meet  security  policies. 

At  least  part  of  Nortel’s  interest  is 
based  on  Windows  large  pres¬ 
ence  in  business  networks  and 
the  desire  to  fit  in  with  whatever 
technologies  are  pervasive  in 
those  networks.  “Microsoft’s  got 
quite  a  base  out  there,”  the  spokes¬ 
man  says. 

Whether  NAP  or  some  other 
scheme  wins  out  as  the  standard 
way  to  enforce  security  policies 
across  heterogeneous  networks, 
such  standards  are  needed  to 
best  protect  corporate  networks, 
Juniper’s  Harding  says.  “Vendors 
should  do  the  work  to  make  prod¬ 
ucts  interoperable.  Network  secu¬ 
rity  ought  to  just  work.”  ■ 


More  online! 

In  this  Network  World  Webcast,  Johna  Till 
Johnson,  founder  of  Nemertes  Research, 
offers  practical  advice  for  structuring 
what's  being  called  "The  New  Data  Center." 
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Carrier  group  seeks  fee  overhaul 

Yearlong  effort  results  in  plan  for  carrier  compensation  reform. 


■  BY  JIM  DUFFY 

A  group  of  carriers  is  lobbying  the  FCC  to 
overhaul  the  way  service  providers  are 
compensated  for  completing  calls  originat¬ 
ing  on  competitors’  networks. 

The  Intercarrier  Compensation  Forum 
(lCF),led  by  AT&T,  MCI, Sprint  and  SBC,  last 
week  proposed  a  reform  of  disparate  inter¬ 
carrier  compensation  arrangements  they 
claim  “harms  consumers  and  creates  artifi¬ 
cial  regulatory  advantages  for  certain  carri¬ 
ers  and  technologies.”  The  group  says  its 
plan  seeks  to  revamp  the  system  to  pre¬ 
serve  competition,  facilitate  deployment  of 
new  technologies  and  advance  consumer 
interests. 

The  ICF  also  includes  General  Communi¬ 
cation,  Global  Crossing  North  America, 
Iowa  Telecom,  Level  3  and  Valor  Telecom¬ 
munications.  The  group  once  included  at 
least  25  carriers  participating  at  various 
stages  throughout  a  yearlong  effort  to  craft 
the  new  compensation  plan.  Verizon  and 
BellSouth  were  among  those  25,  but  they 
left  the  group  in  May  when  they  could  not 
fully  endorse  the  compensation  plan  as  it 
was  at  that  time. 

Both  carriers  are  mulling  the  latest  effort. 

“We  have  not  had  time  to  parcel  through 
it,  to  see  how  far  it  has  or  has  not  come 
since  May"  a  BellSouth  spokesman  says. 


■  WilTel  Communications  last  week 
announced  two  Managed  CPE  ser¬ 
vices  for  dedicated  Internet  access 
and  IP  VPN  customers.  The  Managed 
CPE  services  come  in  two  flavors: 
equipment  management  and  mon¬ 
itoring,  or  monitor-only  service.  The 
service  is  designed  specifically  around 
monitoring  Cisco  routers, 
although  WilTel  says  it  will  manage 
other  vendors'  gear  if  a  customer 
already  has  that  deployed.  WilTel  is 
teaming  with  outsourcer  SevenSpace 
to  support  the  service.  SevenSpace, 
in  nearly  all  cases,  will  handle  the  CPE 
management  and  monitoring  for  all 
WilTel  customers. 


Verizon  thought  the  May  plan  was  too 
comprehensive. 

“A  better  approach  is  to  back  up  and  take 
bite-size  chunks”  of  the  problem,  as  in 
addressing  VoIP  separately,  then  universal 
service,  a  Verizon  spokesman  says. 

Verizon  agrees  that  the  system  needs  to 
be  fixed.  According  to  the  ICF  the  system 
harms  consumers  by  forcing  carriers  to 
make  arbitrary  distinctions  between  local 
and  long-distance  services,  which  makes  it 
more  difficult  for  consumers  to  receive  the 
service  bundles  they  want. 

“Jurisdictional  disparities  in  inter-carrier 
compensation  often  make  it  more  expen¬ 
sive  to  call  across  the  state  than  across  the 
country  or  around  the  world,”  the  group 
says  in  an  executive  summary  of  its  plan. 

The  current  arrangement  also  harms  uni¬ 
versal  service,  the  ability  to  fund  telecom 
service  in  rural  and  poor  areas,  the  group 
says.  Some  providers  are  able  to  avoid 
some  or  all  of  their  contribution  obliga¬ 
tions,  as  consumers  increasingly  bypass 
interstate  long-distance  offerings  in  favor  of 
wireless  services,  bundled  service  and 


■  BY  DENISE  PAPPALARDO 

Infonet  Services  announced  last  week 
that  it  has  exceeded  its  planned  number  of 
hot  spots  deployed  for  the  year  by  2,000 
locations. 

The  multinational  service  provider  said 
earlier  this  year  that  it  expected  to  have 
10,000  hot  spots  on  its  network  by  year- 
end. The  carrier  has  12,000  worldwide  and 
says  it  will  double  that  number  by  the  end 
of  2005. 

More  users  have  come  to  expect  broad¬ 
band  access  in  their  homes,  work  places  or 
while  on  the  road,  says  Keith  Waryas,  re¬ 
search  manager  for  wireless  business  net¬ 
work  services  at  IDC.  “Dialup  is  not  practi¬ 
cal  if  you  have  to  send  or  download  a  4-,5- 
or  10-megabit  PowerPoint  file,”  he  says. 

As  Wi-fi  becomes  more  widely  deployed 
it  is  becoming  one  of  the  easier  broadband 
technologies  to  use,  Waryas  says.  As  more 
venues  support  Wi-fi,  it  will  become  more 
predictable  for  business  users. 

Infonet  is  teaming  with  15  wireless  ISPs 
and  aggregators  to  make  up  its  network  of 


Still  participating 

Once  25-strong,  the  Inter¬ 
carrier  Compensation  Forum 
has  only  these  nine  members 
remaining: 

•  AT&T 

•  General  Communication 

•  Global  Crossing  North  America 

•  lowaTelecom 

•  Level  3  Communications 

•  MCI 

•  SBC 

•  Sprint 

•  ValorTelecommunications 

information  services,  according  to  the  ICF 
But  the  ICFs  alternative  is  not  without 
critics.  TeleTruth,  a  customer  advocacy 
organization,  calls  the  plan  a  “scam”  that 
protects  carrier  interests  at  the  expense  of 
businesses  and  consumers. 


No  slowing  down 

IDC  predicts  a  substantial  jump 
in  the  number  of  hot  spots 
deployed  around  the  U.S. 


wireless  LAN  access  points.  The  three 
largest  partners  include  Boingo  Wireless, 
GoRemote  (formerly  Gric  Communica¬ 
tions)  and  Togewanet,  a  Swiss  company 
The  service  provider  also  has  deployed 
its  own  hot  spots  in  about  20  countries  and 
plans  to  deploy  additional  access  points  in 
the  Asia-Pacific  region.  Infonet  says  it  has 


“Instead  of  getting  rid  of  intrinsic  prob¬ 
lems,  they’re  just  raising  rates,”  says  Bruce 
Kushnick,  chairman  of  TeleTruth.  Kushnick, 
who  notes  the  lack  of  consumer  represen¬ 
tation  on  the  ICFsays  it  is  “more  of  a  cabal 
than  an  economic  analysis”  group. 

If  approved,  the  ICF  plan  would  begin  to 
restructure  rates  on  July  1,2005,  and  unify 
the  network  interconnection  and  inter-car¬ 
rier  compensation  framework  within  three 
years.  It  does  this  by  seeking  to  develop 
uniform  rules  that  provide  a  framework  for 
voluntary  carrier  negotiations  and  estab¬ 
lish  default  responsibilities  in  the  absence 
of  any  carrier  agreement. 

The  network  interconnection  rules  also 
are  designed  to  protect  universal  service  in 
rural  regions  by  establishing  modified 
default  rules  to  apply  to  networks  operated 
by  a  Covered  Rural  Telephone  Company 

Under  the  ICF  plan,  all  inter-carrier  com¬ 
pensation  begins  a  four-step,  three-year 
transition  on  July  1,2005,  to  a  uniform  sys¬ 
tem  with  a  single  termination  rate  of 
$0.000175  per  minute  for  all  traffic.  On  July 
1,2010,  the  rate  is  reduced  to  zero.B 


decided  to  deploy  some  of  its  own  hot 
spots  to  increase  its  Wi-fi  coverage  to  spe¬ 
cifically  address  customer  requirements. 

While  these  Infonet-deployed  hot  spots 
are  there  to  meet  their  customer’s  needs, 
the  carrier  says  an  added  benefit  is  that  it 
has  more  control  over  these  network  con¬ 
nections  making  it  easier  to  offer  service- 
level  agreements  (SLA).  Service  providers 
have  yet  to  offer  standard  performance 
SLAs  with  Wi-fi  services,  but  IDC’s  Waryas 
says  the  guarantees  might  be  available 
soon.  Service  providers  are  gaining  more 
experience  with  Wi-fi, and  they  are  starting 
to  learn  network  thresholds,  he  says. 

Infonet  offers  Wi-fi  service  as  part  of  its 
MobileXpress  remote  access  service  pack¬ 
age.  MobileXpress  lets  customers  securely 
access  the  Internet  from  120  countries. 

The  service  provider  says  it  plans  to  offer 
mobile  wireless  support  for  its  Mobile¬ 
Xpress  customers.  Infonet  says  it  will  sup¬ 
port  wireless  data  services  based  on  Code 
Division  Multiple  Access  2000  lx  Evolution 
Data  Optimized,  General  Packet  Radio 
Service  and  other  3G  technologies.  ■ 


Infonet  beats  hot-spot  expectations 
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Depends  on  what  the  definition  of  WAS  is 


You’ve  been  hearing  a  lot  lately  about 
wide-area  storage.  At  the  Network 
World  Technology  Tours  on  next-gen¬ 
eration  data  center  technology  1  joked  that 
the  best  place  to  locate  a  back-up  facility  is 


in  South  Dakota  —  unless,  of  course,  your 
primary  data  center  is  already  in  South 
Dakota,  in  which  case  your  back-up  facility 
should  be  in  North  Dakota. 

As  I  said,  it  was  a  joke  —  but  WAS  pro¬ 


vides  plenty  of  serious  benefits.  It  lets  com¬ 
panies  protect  data  by  storing  it  offsite  in  a 
location  that’s  less  likely  than  many  head¬ 
quarters  to  be  a  target  for  terrorists,  hurri¬ 
canes  or  earthquakes.  It  also  provides  the 
opportunity  to  house  data  in  lower-cost 
real  estate,  leaving  higher-cost  real  estate 
for  locations  in  which  humans  need  to 
interact.  In  short,  WAS  holds  the  promise  of 
becoming  a  lynchpin  of  corporate  infor¬ 
mation  stewardship  strategies. 

As  noted  a  few  weeks  ago,  effective  infor¬ 
mation  stewardship  requires  understand¬ 
ing  how  to  secure  information  and  how  to 
back  it  up  and  retrieve  it  efficiently  — 
which  typically  involves  mastering  storage 
network  technologies.  That  means  under¬ 
standing  the  unique  constraints  that  stor¬ 
age  places  on  the  network. 

Specifically  the  network  must  deliver 
exceedingly  low  packet  losses  (less  than 
1%,  according  to  research  done  at  CNT); 
exceedingly  low  latencies  (close  to  the 
speed  of  light  in  fiber,  which  is  roughly  30 
millisec  across  North  America),  and  very 
high  bandwidths  (multigigabit  speeds 
aren’t  uncommon). 

Obviously  the  degree  to  which  these  con¬ 
straints  apply  depends  on  how  the  remote 
storage  is  being  used.  Archiving  imposes 
fewer  constraints  than,  say  real-time  disk 
access. Working  around  these  limitations  is 
what  gives  rise  to  the  entire  concept  of 
information  life-cycle  management,  whose 
fundamental  idea  is  that  you  store  infor¬ 
mation  where  you  can  most  effectively 
(and  cost  effectively)  get  at  it.Archival  data, 
which  is  rarely  if  ever  looked  at,  can  be 
stored  on  tape.  Data  that’s  part  of  an  active 
database  needs  to  reside  on  disk  —  and  if 
you’re  interested  in  having  that  data 
instantly  available  in  case  of  an  outage,  it 
needs  to  be  updated  in  real  time. 

In  the  old  days  —  three  to  five  years  ago 
—  many  companies  deployed  Fibre 
Channel-over-SONET  solutions  for  WAS. 
These  days,  though,  the  trend  is  toward  IF 
and  in  particular  toward  solutions  that 
leverage  existing  IP  networks  to  provide 
real-time  access  to  data. 

That’s  the  vision  behind  the  so-called 
wide-area  file  services  (WAFS)  arena,  the 
newest  entry  in  the  WAS  market.  These 
boxes  essentially  cache  data  securely  to 
provide  real-time  performance  for  remote 
data  access.  Examples  include  Cisco, 
which  recently  acquired  Actona.one  of  the 
next-generation  WAFS  solutions;  Signiant, 
which  inked  an  OEM  deal  with  EMC;  and 
Tacit,  which  partners  with  IBM  Europe. 
Other  players  include  Disksites  and  River¬ 
bed  Technology.  WAFS  doesn't  provide 
much  redundancy,  but  these  products 
make  it  possible  to  access  a  remote  data 
center  as  though  it  were  local. 

There’s  a  lot  happening  in  this  area  — 
and  it  will  continue  to  evolve. 


Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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Broadband  over  power  lines  gaining  steam 


■  BY  JENNIFER  MEARS 

In  Manassas, Va.,  residents  and  businesses  have  a  third 
option  for  broadband  Internet  access,  and  it  comes  at 
a  lower  price  and  without  the  installation  fee  and 
long-term  commitment  of  DSL  and  cable.  What’s  more,  it’s 
delivered  over  electrical  wires,  meaning  everyone  soon 
will  have  access  to  high-speed  Internet  without  availabil¬ 
ity  limitations  that  plague  other  technologies. 

“We’ve  got  a  couple  hundred  users  today  that  are  using 
the  BPL  [broadband  over  power  line]  service,  and  we’ve 
got  about  1,200  on  a  waiting  list,” says  John  Hewa,  assis¬ 
tant  director,  electric  utility  for  the  city  We  think  around 
the  end  of  the  year  or  the  beginning  of  2005,  we’ll  have 
the  service  available  anywhere  in  the  cityX 
In  January,  Manassas,  a  city  of  about  36,000  people, 
turned  an  18-month  field  trial  into  a  commercial  offering. 
It’s  one  of  four  utilities  —  including  Cynergy  in  Cincin¬ 
nati,  Pennsylvania  Power  &  Light,  and  Central  Virginia 
Coop  —  that  have  rolled  out  commercial  BPL  this  year. 

While  2004  didn’t  turn  into  quite  the  rush  to  embrace 
BPL  services  that  industry  observers  predicted  last  year, 
there  continues  to  be  momentum  around  the  technology 
Providers  say  BPL  throughput  can  range  from  300K  to  2M 
bit/sec,  about  the  same  as  cable  and  DSL,  but  that  they 
can  provide  the  service  at  a  less-expensive  rate. 

Manassas,  for  example,  offers  its  BPL  for  $26.95  per 
month  with  no  installation  fee  and  no  long-term  contract. 
Hewa  says  cable  service  in  Manassas  could  be  as  much 
as  $55  per  month  without  a  bundled  package  that 
includes  cable  television  service,  and  DSL  averages  about 
$30  per  month.  Cable,  and  DSL  also  charge  installation 
fees  and  require  long-term  contracts,  Hewa  says. 

The  primary  benefit  of  BPL,  however,  is  that  it  can  be 
delivered  over  existing  infrastructure:  any  site  with  power 
outlets  can  be  hooked  up  to  a  high-speed  broadband 
connection. That  has  attracted  the  attention  of  high-level 
officials,  including  FCC  Chairman  Michael  Fbwell  and 
President  George  Bush,  who  has  called  for  nationwide 
broadband  access  by  2007. 

“One  great  opportunity  [to  get  broadband  to  more  con¬ 
sumers]  is  to  spread  broadband  throughout  America  via 
our  power  lines,”  Bush  said  during  a  speech  at  the  Depart¬ 
ment  of  Commerce  in  June. 

But  hurdles  remain  —  such  as  setting  standards  and 
opposition  from  groups  such  as  amateur  radio  enthusi¬ 
asts  who  say  the  technology  causes  too  much  radio  inter¬ 
ference.  Analysts  are  also  lukewarm  about  BPL’s  prospects 
for  taking  significant  market  share  from  DSL  and  cable. 
They  note  that  cable  and  DSL  have  matured  to  provide 
more  than  a  single  “big  pipe,”  bundling  other  services  into 
their  offerings.That’s  something  BPL  also  will  have  to  do. 

“We’re  in  the  camp  of  ‘We’re  going  to  believe  it  when  we 
see  it,’”says  Matt  Davis, director  of  broadband  access 
technologies  at  The  Yankee  Group. “The  more  technolo¬ 
gies  and  the  more  choices  in  the  marketplace,  the  better. 

It  keeps  everybody  innovating.  But  it’s  going  to  be  tough. 
To  tell  you  the  truth,  if  utilities  are  really  going  to  get  into 
driving  telecom  services  it  likely  will  be  through  fiber’’ 
Nevertheless,  the  continuing  maturity  of  BPL  and  a 
growing  number  of  positive  experiences  with  field  trials, 
along  with  government  support,  is  helping  spur  interest. 
Last  year,  for  example,  there  were  about  a  dozen  utilities 


conducting  field  trials,  but  no  commercial  deployments. 
This  year,  in  addition  to  the  four  commercial  ventures,  the 
number  of  field  trials  has  increased  to  more  than  36. 

ISPs  that  quietly  watched  the  trials  last  year  are  now  get¬ 
ting  into  the  game.  EarthLink,  for  example,  is  partnering 
with  Progress  Energy  to  deliver  BPL  in  a  field  trial  outside 
of  Raleigh,  N.C.  EarthLink  also  has  been  working  with 
Consolidated  Edison  in  New  York  to  deliver  BPL  on  a  trial 
basis  for  about  two  years.  Last  month,  AT&T  announced  it 
was  working  with  Pacific  Gas  and  Electric  to  conduct  a 
trial  with  about  100  residents  in  Menlo  Park,  Calif. 

“There  is  general  acceptance  now  that  broadband  over 
power  line  is  here  to  stay  Most  people  agree  it’s  going  to 


happen  and  that  it’s  a  good  thing,”  says  Alan  Shark,  presi¬ 
dent  of  the  Fbwer  Line  Communications  Association. “It’s 
gotten  off  the  drawing  board.You  are  seeing  deployments.” 

Research  firm  Chartwell,  which  tracks  the  energy  indus¬ 
try,  says  the  percentage  of  utilities  —  gas,  water  and  elec¬ 
tric  —  planning  or  considering  broadband  deployments 
rose  from  6%  in  2000  to  20%  in  2003.  Of  100  electric  utili¬ 
ties  Chartwell  surveyed,  a  third  said  they  were  using,  plan¬ 
ning  or  considering  broadband  last  year. 

BPL  is  a  last-mile  technology  that  injects  data  handed 
off  from  a  backhaul  line,  such  as  fiber-optic  or  fixed  wire¬ 
less,  into  medium-voltage  power  lines.  Companies  such  as 
Ambient,  Amperion,  Current  Technologies  and  Main.net 
have  developed  technology  to  do  that. 

The  technology  providers  have  their  greatest  variance 
when  the  data  signals  reach  the  transformer  that  converts 
medium  volts  into  the  low  volts  that  are  sent  into  homes 
and  businesses.  Amperion,  for  example,  avoids  the  trans¬ 
former  and  low-voltage  lines  altogether,  using  Wi-Fi  to  go 
directly  into  the  homes.The  others  go  through  the  trans¬ 


former  or  around  it,  sending  IP  packets  into  the  home 
along  the  low-voltage  lines. 

The  data  is  accessed  via  a  standard  HomePlug-certified 
device  or  a  proprietary  device  that  plugs  into  a  wall. 

Utilities  are  still  grappling  with  the  business  issues  of 
becoming  a  broadband  wholesaler  —  in  most  cases  they 
are  not  interested  in  distributing  the  service  themselves 
and  instead  are  working  with  third-party  service 
providers.  Manassas,  for  example,  is  partnering  with 
broadband  provider  Communication  Technologies. 

“The  utility  companies  that  conducted  the  trials  initially 
were  asking  the  question, ‘Does  it  work?”’ says  Brett 
Kilbourne,  director  of  regulatory  services  for  the  United 


Telecom  Council,  an  IT  trade  association  for  electric,  gas 
and  other  critical  infrastructure  firms.“The  question  now 
is, ‘Can  we  deploy  it  economically?”’ 

Another  issue  that  might  be  holding  things  up  is  that 
rules  and  standards  are  still  pending.This  fall,  the  FCC  is 
expected  to  finalize  rules  it  proposed  earlier  this  year 
regarding  BPL.  As  for  standards,  the  IEEE  has  formed  a 
committee  to  create  hardware  and  safety  standards  for 
BPL. While  Kilbourne  notes  that  many  utilities  might  be 
waiting  for  the  FCC  to  finalize  rules  before  making  seri¬ 
ous  bets  on  BPL,  standards  probably  won’t  make  that 
much  of  a  difference  just  yet. 

The  IEEE  says  it  likely  will  be  2006  before  any  standards 
are  settled  on.  Once  standards  are  set,  it  will  help  drive 
down  prices  by  removing  the  proprietary  nature  of  exist¬ 
ing  hardware  technologies,  analysts  say. 

As  for  existing  obstacles,  the  FCC  is  proposing  rules 
aimed  at  mitigating  problems,  including  requiring  that 
BPL  equipment  can  reduce  power  or  shift  frequencies  to 
avoid  or  correct  interference  problems.  ■ 


Getting  their  feet  wet 


A  growing  number  of  utilities  are  exploring  broadband  over  power  line  opportunities. 
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networked  IT 


The  need  for 
mobility  marks  today's  most 
strategic  businesses.  Inside t 
discover  how  to  make  wire¬ 
less  part  of  your  new  data 
center  architecture. 
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Get  the  iPass  Security 
Best  Practices  Guide. 

www.iPassIsThere.com 
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Enterprise  Connectivity  Services 


®2004  'Pass  Inc.  All  Rights  Reserved. 

•Pass  ond  the  iPass  logo  ore  registered  trodemorks  of  iPass  Inc. 


Safe,  simple  roaming  around 
the  world  and— for  the  first 
time— around  the  workplace. 

Now,  everywhere  is  There. 


If  iPass  can  deliver  secure,  reliable  connections 
in  over  150  countries,  why  not  do  the  same 
in  your  office?  Now  the  iPass®  Wireless 
LAN  Roaming  service  lets  you  integrate 
corporate  WLANs  into  your  connectivity 
mix — weaving  a  world  of  dial-up,  Ethernet 
and  Wi-Fi  connections  into  a  single,  policy- 
managed  solution.  So  even  when  your  users 
are  Here,  they’re  There. 


WE’VE  EXPANDED  OUR 
COVERAGE  TO  INCLUDE 
ALL  TWO  DESTINATIONS 


AN  EDITORIAL 
SUPPLEMENT  TO 
NETWORK  WORLD 


Rethinking  networked  IT 


In  this,  the  fifth  in  a  six-part  series, 
we  spotlight  strategies  and  technolo¬ 
gies  for  making  wireless  part  of 
your  new  data  center  architecture. 
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With  improved  devices,  apps 
icture,  wireless  is  making  head¬ 
way  as  a  solid  new  data  center  technology. 
Analyst  Math  Lowenstein  offers  a  10-point 
evaluation  guide. 
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Three  early  adopters  tell  how 
they’ve  paired  VoIP  and  WLANs  as  part  of  their 
new  data  center  plans. 
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Advances  in  wireless  nets  and 
mobile  computing  now  make  it  possible  to 
separate  line-of-business  applications  from 
enterprise  desktops. 
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:  Using  virtualization  technology  to 
pry  apps  away  from  dedicated  physical 
sources  can  have  an  added  benefit:  DR  on 
e  cheap. 
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flVrTTTTUT^  Sam  Marrazzo, senior 
for  Praxair,  shares  his 


insights  on  preparing  applications  for  virtual¬ 
ized  servers. 

3B data  car" 

:rs  evolve,  businesses  say  these  technologies 
have  helped  them  cut  costs  and  become  more 
efficient,  even  as  the  workload  increases. 
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With  improved  devices,  apps 
and  infrastructure,  wireless  is 
making  headway  as  a  solid  new  data  cen¬ 
ter  technology.  Analyst  Mark  Lowenstein 
offers  a  ICD-point  evaluation  guide. 

Toward  the 

mobile  enterprise 

step  by  step 


■  BY  MARK  LOWENSTEIN 

obility  in  the  enterprise  has  been  —  like  wireless  coverage  — 
spotty  Too  many  “gotchas”  have  prevailed:  unreliable  and  slow 
networks,  deficient  devices,  underdeveloped  billing  and  cus¬ 
tomer  care  systems,  and  lack  of  focus  by  the  major  wireless  operators.  These 
factors  made  for  complex  wireless  projects  involving  a  veritable  circus  of  middle¬ 
ware,  gateway  and  system  integrator  vendors.  As  a  result,  outside  of  BlackBerry 
which  counts  about  1  million  users  worldwide,  we’ve  not  seen  broad  adoption  of 
wireless  data  in  the  enterprise.  In  fact,  research  shows  that  the  global  market  for 
downloading  ring  tones  exceeds  that  for  enterprise  wireless  data  services  today 
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But  in  the  past  two  years,  we've  seen  progress  on  several  fronts: 

•  Wireless  networks  have  improved.  Coverage  is  better,  and  2.5G  networks 
such  as  General  Packet  Radio  Service/Enhanced  Data  Rates  for  GSM  Evo¬ 
lution  and  Code  Division  Multiple  Access  lx  boast  always-on  capability  and 
offer  speeds  of  one  to  three  times  that  of  dial-up.  (How  much  faster  depends 
on  a  number  of  factors,  such  as  distance  from  base  station  and  capacity 
loading.) 

•  We  finally  have  a  suite  of  business-class  devices,  across  multiple  operat¬ 
ing  systems.  Whether  phone  or  PDA-phone  combinations,  these  devices  sup¬ 
port  much  greater  memory  (up  to  64M  byte  on  board,  with  many  having 
some  form  of  removable  storage)  and  faster  processors  (we’ll  see  the  first  1- 
GHz  processor  on  a  phone  by  next  year).  Sample  business-class  devices 
include  the  BlackBerry,  palmOne  Treo  (Palm  OS),  Samsung  i700  (Microsoft 
Pocket  PC)  and  Sony  Ericsson  P900  (Symbian). 

•  Wireless  carriers  have  improved  support  for  the  enterprise.  Most  have 
dedicated  support  for  midsize  to  large  companies,  separate  care  centers  for 
data  and  improved  billing  systems.  All  have  expanded  their  technical  sales 
resources. Their  security  story  also  has  evolved. 

With  such  advancements,  companies  now  can  take  wireless  to  the  next 


A  look  at  3G’s  impact 

Mark  Lowenstein  of  Mobile  Ecosystems  tells  why  3G  should  bring  about  change  to 
enterprise  remote-access  strategies. 

The  much-anticipated  launch  of  3G  in  North  America  will  usher  in  the  first  stage  of  what  I  call  "the  mobile 
broadband  era." 

Previous  improvements  in  WAN  data  speeds  have  been  in  modest  increments.  But  3G  represents  enough 
of  a  great  leap  forward  fhat  users  should  begin  the  process  of  re-thinking  their  remote-access  strategies. 
Let’s  look  at  this  from  performance  and  ROI  perspectives. 


Performance 

All  sorts  of  variables  determine  the  data  rate  a 
user  will  get  in  a  given  place,  at  a  given  time,  for  dif¬ 
ferent  applications  and  connectivity  modes.  But  if  we 
use  300K  bit/sec  down  and  60K  to  80K  bit/sec  (lx 
speeds)  up  as  the  "base  case,"  the  key  issue  is 
whether  this  is  suitable  enough  for  corporations.  We 
have  to  ask:  With  such  bandwidth,  can  they  seriously 
consider  the  WAN  as  their  default  remote-access 
network?  The  answer  is  a  qualified  "yes,"  with  the  fol¬ 
lowing  considerations: 

•  Coverage.  3G  coverage  will  not  be  as  universal  as 
voice  or  2.5G.  It  initially  will  be  focused  on  where  busi¬ 
nesses  are  concentrated  and  in  city  centers. 

•  Speed.  The  lx  speed  on  the  uplink  could  be  a  gat¬ 
ing  factor  for  some  users,  depending  on  their  require¬ 
ments.  Revision  A  of  Evolution-Data  Optimized  (D-O) 
will  lead  to  significant  improvements  in  the  transmit 
link,  circa  2006,  as  will  the  high-speed  downlink  pack¬ 
et  access  version  of  Universal  Mobile  Telecommuni¬ 
cations  Service. 

•  Power  management.  Our  tests  of  3G  have  shown 
that  in  intensive  use  it  cuts  battery  power  by  half, 
and  is  even  hungrier  than  Wi-Fi. 

Price  and  ROI 

Let's  use  Verizon’s  current  $80-per-month  flat-rate 
plan  in  Washington,  D.C.,  and  San  Diego  and  $150  to 
$250  for  a  PC  card  as  the  base  case  for  3G  remote 
access.  Can  CIOs  justify  $1,000  per  year,  per  user, 
plus  an  upfront  equipment  charge?  Well,  they  certain¬ 
ly  do  for  BlackBerry,  although  that  is  still  mainly  an 
executive  tool. 

To  justify  this  expenditure,  we  need  to  think  about 
D-0  displacing  some  percentage  of  the  current 
remote  access  budget.  Let's  admit  that  D-0  is  not 
comparable  to  fixed  broadband  or  Wi-Fi  in  terms  of 
throughput.  But  it  is  “good  enough"  in  many  situa¬ 
tions.  If  D-0  can  displace  one-third  to  one-half  of 
existing  remote  broadband-access  expenditures, 
then  you  can  make  the  business  case.  But  you’ll  have 
to  factor  in  the  harder-to-quantify  benefits  of  mobility, 


ubiquity  and  convenience  (one  provider,  one  connec¬ 
tion)  as  the  remaining  50%  of  ROI.  You  get  to  50% 
broadband  displacement,  to  use  simple  but  illustra¬ 
tive  examples,  with  20  hotel  connects  per  year  and 
one  Wi-Fi  provider  relationship  (at  $30  per  month)  or 
with  50  broadband  "connects,"  at  $10  per  connect. 

Although  the  3G  WAN  could  be  the  default  for  re¬ 
mote  access,  this  is  not  a  zero-sum  game  with  re¬ 
spect  to  Wi-Fi.  3G  will  not  be  ubiquitous  and  will  not 
be  able  to  offer  users  enough  throughput,  or  other 
attributes  of  a  true  broadband  network,  in  some 
instances.  Over  the  next  year,  you  should  see  more 
plans  that  incorporate  both  WAN  and  wireless  LAN, 
even  with  common  connection  cards  and  clients. 

The  approach  of  3G  and  the  growing  availability  of 
Wi-Fi  provide  the  foundation  for  a  re-thinking  of  your 
remote-access  strategy,  If  this  happens,  mobile 
access  to  applications  other  than  e-mail  will  become 
more  widespread. 

—  Mark  Lowenstein 


level.  Doing  so  requires  two  steps.  First, you  must  develop  a  company-wide 
mobility  strategy  that  includes  a  holistic  view  of  wireless:  voice  and  data,  in¬ 
building  as  well  as  mobile,  and  including  plans  for  WANs  and  wireless  LANs. 
Second,  as  wireless  becomes  a  core  component  of  new  data  center  plans, 
you  must  deploy  wireless  to  a  much  larger  group  of  enterprise  users. 

10-point  evaluation  framework 

This  10-point  framework  will  help  you  determine  whether  it’s  time  to  dive 
into  enterprise  mobility  and  how  to  evaluate  vendor  solutions: 

1.  Enterprise  mobility  requirements.  We  define  a  mobile  worker  as  one 
who  is  away  from  his  primary  workplace  at  least  20%  of  the  time. 
Approximately  one-third  of  the  U.S.  workforce,  or  about  50  million  users,  falls 
into  this  category  Once  you  have  determined  whether  an  employee  is  a 
mobile  worker,  you  need  to  better  understand  his  particular  wireless 
requirements:  campus,  local,  regional,  national,  international. 

2.  Applications.  Does  the  employee  primarily  need  remote  access  plus 
mobile  e-mail  and  personal  information  management  —  meaning  access  to 
contacts  and  calendar?  Or  does  the  employee  need  more  vertically  orient¬ 
ed  solutions  such  as  field-force  automation  or  other  applications  that  might 

require  custom  development  or,  at  a  minimum, 
some  form  of  wireless  remote  access?  Also  con¬ 
sider  whether  the  employee  needs  constant 
connection  to  the  application  or  whether  he 
can  work  offline  and  then  remote  access  in  or 
synchronize  the  data. 

3.  Device  requirements.  This  does  not  have 
to  be  a  one-size-fits-all  solution.  For  applica¬ 
tions  with  high  input  requirements,  provide 
devices  with  qwerty  keyboards  or  perhaps 
some  level  of  voice  recognition.  For  heavy  use 
while  driving,  consider  a  good  car  kit  to 
improve  reception  and  provide  hands-free 
capability  Also  realize  that  some  data-centric 
devices,  such  as  the  Treo  and  the  Pocket  PC, 
require  a  fair  bit  of  two-handed  use  (stylus), 
while  others  such  as  the  BlackBerry  allow 
effective  one-handed  use. 

Keep  in  mind  that  the  pace  of  innovation  in 
devices  is  accelerating,  so  make  sure  you  have 
a  favorable  upgrade  program  in  place. You  will 
probably  want  to  change  phones  every  two 
years  on  average.  Note  that  if  you  want  3G,you 
will  need  a  new  phone  (or  new  PC  card)  when 
those  services  and  devices  launch  (see  related 
story  left).  Also  ensure  that  the  volume  discount 
program  you  negotiate  will  continue  if  new  sets 
are  purchased, as  most  companies  don’t  get  the 
same  “phone  is  almost  free”  program  as  con¬ 
sumers  enjoy 

4.  Network  requirements.  Recognize  that  for 
the  next  three  years,  we  still  will  be  dealing 


3G  outlook 

A  technology-by-technology  look  at  3G  rollouts. 


Network 

Data  speed 

Operator  status 

GPRS 

30K  to  60K  bit/sec 

Near  complete  GSM  network  coverage. 

EDGE 

75K  to  150K  bit/sec 

•  AT&T  has  deployed  across  most  of  network. 

•  Cingularto  launch  across  most  of  network  by  Q3  '04. 

•  T-Mobile  plans  uncertain. 

WCDMA/UMT 

Up  to  384K  bit/sec 

•  AT&T  to  deploy  minimum  of  four  markets  in  '04. 

•  Cingular  intends  to  deploy  in  2006-2007  time  frame; 
testing  this  year  in  Atlanta. 

CDMA  lx 

60K  to  80K  bit/sec 

Deployed  across  North  American  CDMA  networks. 

CDMA  lx 
EV-DO/DV 

300 K  to  500 K 
bit/sec 

•  Verizon  has  launched  in  two  markets  and  plans  to 
deploy  nationwide  by  year-end  2005. 

•  Sprint  PCS  to  deploy  in  most  markets  over 
next  two  years. 

WiDEN 

60K  to  80K  bit/sec 

Nextel  plans  to  launch  by  year-end. 

New  Data  Center 
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with  what  I  call  “mobility  islands."  From  a 
WAN  perspective,  2.5G  will  be  the  default 
network,  with  3G  —  lx  Evolution-Data 
Optimized  or  Universal  Mobile  Telecom¬ 
munications  Service  —  being  launched 
on  a  market-by-market  basis  over  the  next 
three  years.  Public  Wi-Fi  is  becoming  in¬ 
creasingly  available  in  Tier-1  locations, 
although  the  biggest  challenge  here  is  the 
fragmented  market  structure.  By  early  next 
year,  we  should  see  common  connection 
cards,  clients  and  even  devices  that  sup¬ 
port  both  WAN  and  802.1 1  WLAN.  For  the 
foreseeable  future,  neither  3G  WAN  nor 
802.11  will  be  ubiquitous,  so  ensure  users 
can  access  critical  applications  over  2.5G 
networks  in  some  sort  of  stripped-down 
version. 

5.  Corporate  liability,  or  not?  An  under¬ 
recognized  obstacle  to  larger-scale  deploy¬ 
ments  is  that  within  a  given  company  users 
are  on  a  hodgepodge  of  mobile  devices 
and  service  plans  that  they  have  selected 
personally, even  if  they  bill  back  to  the  com¬ 
pany  You  must  recognize  that  employees 
will  require  a  choice  of  handsets,  and  even 
carriers,  because  individual  preferences 
and  network  coverage  will  vary  Mandating 
a  particular  device  and  network  will  work 
only  for  a  highly  desired  or  mission-critical 
corporate  application. 

Another  issue  is  that  traditional  bound¬ 
aries  between  business  and  personal  use 
do  not  exist  in  wireless.  How  will  you  deal 
with  users  who  want  to  download  tunes, 
share  pictures  and  play  games  during  non¬ 
business  hours?  You  need  to  spearhead 
policy  development  for  this. 

6.  Support  structure.  Realize  that  the  more 
involved  the  devices  and  applications,  the 
greater  the  support  requirements.  Com¬ 
panies  are  all  over  the  map  in  providing 
support  to  their  mobile  workforce.  Is  this 
something  that  you  plan  to  do  internally? 
What  are  your  expectations  from  the 
sales/support  infrastructure  from  your  wire¬ 
less  operator  or  other  solutions  provider? 

7.  Security.  Not  a  deal-maker,  but  a  deal- 
breaker.  Mobile  VPN  support  has  matured 
significantly  and  IPSec  support  is  now  a 
minimum  requirement  for  enterprise  de¬ 
ployment.  We  will  move  toward  Secure 
Sockets  Layer  VPNs  over  the  next  three 
years.  Mobile  device  management  and 
security  are  becoming  increasingly  impor¬ 
tant  —  including  access  control,  inventory 
management,  intrusion  protection  and 
configuration  management.  At  the  least, 
make  sure  you  can  lock  down  Biack- 
Berries,  Palms  or  other  devices  loaded  with 
significant  amounts  of  corporate  data 
(such  as  e-mail  and  address  books)  if  they 
are  lost  or  stolen. 

8. Billing  and  account  management.  Al¬ 
though  billing  capabilities  have  improved 
to  map  to  corporate  needs,  we  still  need  a 
wave  of  business-to-business  management 
tools  that  let  IT  managers  better  access 
account  management  and  configuration. 

9.  Enterprise  application  vendors. 
Mobility  is  still  not  “core”  to  the  CRM/ERP 
applications  from  the  major  vendors  — 
Oracle,  PeopleSoft,  SAP  and  Siebel 
Systems. The  approach  to  mobility  varies 
significantly  from  one  vendor  to  another, 


with  some  supporting  an  offline/sync 
architecture  and  others  promoting  a 
more  connected  solution. Think  carefully 
about  these  two  frameworks  when  evalu¬ 
ating  vendors.  For  example,  does  a  new 
sales  order  need  immediate  input,  or  can 
that  wait  till  day’s  end? 

10.  Think  about  context.  Users  move 


through  multiple  islands  of  connectivity 
as  they  work  and  travel.  So  think  about 
what  can  be  accessed  or  delivered  to 
users,  depending  on  their  “state."  For  exam¬ 
ple,  they  won’t  be  able  to  download  a  big 
attachment  if  they  are  connected  at  dial¬ 
up  speed.  This  is  where  developments  in 
location  services,  presence  and  multi¬ 


modal  (such  as  voice  recognition  and 
text-to-speech)  applications  might  help 
optimize  the  mobile  experience. 

Lowenstein  is  managing  director  of  Mobile 
Ecosystem,  a  leading  consulting  and  adviso¬ 
ry  services  firm.  He  can  be  reached  at 
mlowenstein@m-ecosystem.  com. 


STOP  ASKING 

YOUR  APPLICATION  TO  DO 

THE  IMPOSSIBLE. 


THAT'S  THE  NETWORK'S  JOB. 


Web-based  applications  have  not  only  become  critical 
to  business,  they're  being  asked  to  do  what  no  one  imag¬ 
ined  a  few  short  years  ago.  To  run  better.  Faster.  Always  be 
accessible.  Handle  huge  amounts  of 
traffic  from  a  mushrooming  number 
of  different  devices.  Use  less  band¬ 
width.  Be  immune  to  the  theft  of 
sensitive  data,  and  block  increasingly 
malicious  security  attacks. 

In  response,  more  and  more 
functions  are  being  loaded  onto 
servers  -  requiring  more  servers.  And  applications  are 
forced  to  do  more  than  they  can  or  should.  Usually  with 
less  than  satisfactory  results. 

But  what  if  you  could  make  the  network  an  extension 
of  the  application?  And  the  network  could  handle  whatever 


the  application  asked  it  to  do?  What  if  each  could  interact 
intelligently  with  the  other  to  literally  work  as  one? 

Now  you  can.  In  fact,  you  can  get  all  the  application 

optimization,  availability  and  security 
you  need  in  one  cohesive  architecture 
that  you  can  customize  to  specific 
business  policies.  Right  at  the  critical 
juncture  where  your  application  con¬ 
nects  with  the  network  itself. 

It's  Application  Traffic  Management 
as  only  F5  provides  it.  A  networking 
solution  with  application  intelligence  you  can  easily 
adapt  to  your  needs.  No  matter  how  those  needs 
grow  or  change. 

For  more  information,  visit  our  Solution  Center  at 
www.f5.com/solutions/.  Or  call  866-440-0188. 


.THE 


New  Data  Center  spotlight  on  wireless 

>  WWW.NWFUSION.COM/NDC/WIRELESS  8.23.04 


spot! 


Three  early  adopters  tell  how  they’ve  paired  VoIP 
and  WLANs  as  part  of  their  new  data  center  plans. 


VoIP  and  WLAN 


new  combo 


■  BY  PAUL  KORZENIOWSKI 


ss  ireless  LANs 
.  and  VoIP  are 
■  '  two  new  data 
center  hotties  gaining  admirers 
because  of  the  productivity 
improvements  they  offer.  No 
surprise,  then,  that  a  growing 
number  of  companies  are  pair¬ 
ing  these  stars  —  and  so  far,  the 
union  is  proving  much  stronger 
than  J.Los  and  Ben’s  had  been. 


“Now  that  VoIP  has  proven  itself  to  be  a 
viable,  easy-to-use  technology  enterprises 
are  searching  for  ways  to  leverage  its  capa¬ 
bilities,  and  one  way  is  to  run  it  over  their 
WLANs,” says  Allen  Nogee,  a  principal  ana¬ 
lyst  with  In-Stat/MDR.  The  research  firm 
found  only  60,000  VoIP  handsets  were 
deployed  on  WLANs  in  the  U.S.in  2003,  but 
that  almost  half  the  companies  it  surveyed 
are  examining  the  technology  for  future 
deployment. 

Pacific  Sunwear  of  California,  Condell  Medical  Center  and  the  town  of 
Ocean  City,  Md.,  are  among  early  adopters  of  VoIP  over  WLANs.The  attrac¬ 
tion  for  VoIP  over  WLAN  differs  among  them,  but  all  have  reaped  benefits 
from  their  installations.  Even  call-quality  issues  haven’t  dampened  their 
enthusiasm  for  the  technology 

A  sunny  forecast 

For  PacSun,  an  Anaheim,  Calif.,  specialty  retailer  of  teen  apparel,  acces¬ 
sories  and  shoes,  WLAN  technology  came  into  play  as  it  moved  into  new 
headquarters  and  distribution  center  buildings.  “Because  of  our  rapid 


Ron  Ehlers,  vice  president  of  IS 
at  PacSun,  has  found  VoIP  over 
WLAN  the  perfect  fit  for  this  teen 
retailer's  new  data  center  plans. 


expansion,  we  have  been  tripling  in  size  and  outgrowing  our  building 
requirements  every  four  years,”  says  Ron  Ehlers,  vice  president  of  IS  at 
PacSun,  which  operates  more  than  900  stores  in  the  U.S.“in  2002  for  the  first 
time,  we  had  the  opportunity  to  build  the  corporate  offices, data  center  and 
distribution  center  the  way  we  wanted.  Previously,  we  had  to  fit  our  require¬ 
ments  into  existing  buildings.” 

The  company  went  with  Cisco  Aironet  WLAN  access  points  in  its  corporate 
office,  which  has  300  users,  and  Symbol  Technologies  handheld  and  truck- 
mounted  systems  for  its  warehouse,  which  has  about  150  employees.  Initially 
the  11M  bit/sec  802.11b  links  were  used  only  for  data  applications.  When 

See  VoIP,  page  S8 


Keeping  track  of  assets  has  always  been  important. 
Now  wireless  networks  can  track  devices  and  people. 


Location  in  wireless  networks  is  much  more  than  approximating 
clients  down  to  the  nearest  access  point.  Airespace  helped  set 
the  standard  for  location  to  less  than  10  meters,  but  that  was 
not  enough.  Our  outstanding  RF  technology  leadership  in  the 
Wireless  LAN  market  allows  us  to  innovate  even  more,  adding 
even  more  capabilities  to  our  product  lines  including  WLAN 
RFID  tags  for  asset  tracking. 


Using  the  same  infrastructure  that  carries  your  data,  you  can 
now  track  your  WLAN  clients  and  your  WLAN  RFIDs  to  within 
a  few  meters.  Notebook  computers,  crash  carts  in  hospitals, 
even  machine  tools  on  a  factory  floor  are  all  trackable  with 
Airespace  Wireless  Location  Services. 

For  more  information,  see  www.airespacelocationservices.com 
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VoIP 

continued  from  page  S6 

traveling  to  department  meetings,  corporate  em¬ 
ployees  used  laptops  to  access  and  analyze  infor¬ 
mation, such  as  individual-store  sales  data  or  prod¬ 
uct  pricing.  In  the  warehouse,  employees  used 
portable  scanners  to  examine  inventory  data. 

The  network  design  paid  big  dividends,  espe¬ 
cially  in  the  distribution  center,  Ehlers  says. 

“In  our  old  facility  our  warehouse  management 
system  was  an  antiquated  manual  system,”  he 
says.“The  new  building  has  an  automated,  paper¬ 
less  system,  and  since  we’ve  been  in  it,  we  have 
grown  by  160  stores,  but  our  distribution  center 
costs  as  a  percent  of  sales  have  gone  down.” 

Yet  this  bright  tale  came  with  two  dark  sides. 
Employees,  especially  those  in  the  distribution 
center  and  network  service  center,  spent  a  lot  of 
time  away  from  their  desks  and  missed  important 
calls.  PacSun  looked  at  various  options,  including 
wireless  radio  systems,  walkie-talkies  and  cellular 
services.  All  were  expensive  and  would  have 
required  additional  infrastructure  investments. 
The  retailer  had  an  Avaya  Definity  PBX,  but  its 
802. 1 1  b  option  was  based  on  a  proprietary  design 
that  would  have  required  new  access  points. 

In  sifting  through  his  e-mail,  Ehlers  saw  a  press 
release  from  Spectralink,  a  vendor  about  which 
he  knew  nothing. The  company  said  its  products 
worked  with  major  PBXs  and  ran  over  802.11b 
networks,  so  he  called. “The  company’s  sales  rep¬ 
resentatives  brought  the  products  into  our  con¬ 
ference  room,  unplugged  a  wired  connection, 
made  a  few  adjustments  to  the  PBX  and  had  a 
working  WLAN  phone  in  less  than  half  an  hour” 
says  Ehlers, who  has  outfitted  about  30  employees 
with  the  new  phones. 

Call  quality  while  initially  not  an  issue, 
became  the  second  dark  side  as  WLAN 
traffic  increased  “We  have  areas  in  the  data 
center,  near  the  network  services  team,  and 
in  a  few  conference  rooms  where  man¬ 
agers  are  constantly  working  with  laptops,” 

Ehlers  says.’As  we  placed  more  devices  in 
those  areas,  users  encountered  garbled 
connections  and  dropped  calls,  especially 
when  they  moved  from  one  access  point 
to  another” 

After  conducting  a  site  survey  Cisco  rec¬ 
ommended  increasing  the  number  of 
access  points  from  16  to  about  25.  PacSun 
was  determining  where  to  station  more 
access  points  when  Ehlers  came  across 
Meru  Networks,  whose  access  points  rely 
on  proprietary  technology  to  squeeze  out 
more  (as  many  as  five  times  more)  con¬ 
nections  over  a  typical  802.11b  LAN. 
Swapping  out  the  16  Cisco  access  points 
for  the  Meru  gear  also  let  the  retailer 
deploy  a  guest-access  capability  so  clients 
or  partners  can  access  the  Internet  while 
at  the  retailers’  offices. 

The  right  prescription 

Product  obsolescence  led  to  a  VoIP-over- 
WLAN  deployment  at  Condell  Medical  Center,  a 
community  hospital  in  Libertyville,  Ill.,  with 
about  200  beds  and  2,700  employees.  To 
improve  patient  care,  the  medical  center  pro¬ 
vided  nurses  with  laptop  computers  and  wire¬ 
less  phones  connected  to  an  Avaya  Definity 


PBX  in  2001.  Not  only  were  the  nurses  able  to 
enter  patient  data,  such  as  temperatures  and 
medication  at  the  bedside,  but  doctors  and 
nurses  also  could  communicate  more  easily. 

When  the  PBX  vendor  decided  to  drop  its  pro¬ 
prietary  wireless  phones  for  WLAN  phones  in 
2003,  the  hospital  decided  to  follow  suit.  However, 
cost  was  an  issue:  The  VoIP  phones  cost  about 
$700  each,  and  the  hospital  had  to  tack  on  anoth¬ 
er  $200  to  $300  per  phone  for  batteries,  chargers, 
cases  and  other  accessories.“We  decided  to  bun¬ 
dle  our  VoIP  costs  in  as  part  of  a  $90  million 
expansion,  for  our  emergency  department,  inten¬ 
sive  care  unit  and  a  new  women’s  center  and 
spa,”  says  Susan  Mesmer,  communications  super¬ 
visor  at  the  healthcare  provider. 

The  hospital  has  about  325  nurses,  technicians, 
transportation  staff  and  managers  working  with 
mobile  phones.  When  they  started  to  work  with 
the  VoIP  phones  at  the  end  of  2003,  call  quality 
became  an  issue. 

“Nurses  found  intermittent  jitter  on  lines  in 
high  traffic  areas;  the  problems  were  quite  clear 
whenever  they  moved  from  one  access  point  to 
another;’  Mesmer  says. 

This  year,  the  hospital  increased  the  number  of 
access  points  from  25  to  45  and  tweaked  its  net¬ 
work  so  VoIP  calls  receive  the  highest  priority  for 
network  bandwidth.  These  steps  assuaged  all  of 
the  call-quality  concerns. 

Catching  the  wave 

The  town  of  Ocean  City  which  sits  on  a  4-mile-by- 
10-mile  island,  found  an  unusual  application  for 
VoIP  over  WLAN:  its  backbone  network.The  muni¬ 
cipal  agency  supports  about  400  users  in  17  di¬ 
verse  locations  ranging  from  a  skateboard  park  to 


a  police  department.  In  the  summer  of  2002, it  had 
two  telecom  challenges:  It  needed  more  band¬ 
width  for  new  applications,  such  as  a  Geographic 
Information  System  that  would  send  large  graphic 
files  from  user  to  user,  and  its  phone  systems  (each 
agency  picked  its  own)  were  inefficient. 

To  solve  the  problems,  the  town  totally  re¬ 
vamped  its  telecom  framework.  For  its  voice 
needs,  the  town  selected  Avaya’s  8700  IP  PBX  and 


problem.  .  .  .  For 
me,  that  verified 
that  VoIP  over 
WLAIM  technology 
is  quite  stable. 

—  Gail  Weldin,  network  manager  for 
the  town  of  Ocean  City,  Md.,  speaking 
of  a  three-hour  conference  call  the 
town  conducted  to  test  the  network 

half  a  dozen  distributed  nodes  that  support  450 
extensions,  which  are  mainly  IP  phones  but 
include  a  few  fax  modems.  For  the  backbone 
network,  the  city  put  in  Proxim  dual-backbone 
54M  bit/sec  WLAN  radios,  in  a  point-to-multipoint 
configuration  with  radio  antennas  placed  on  top 
of  a  series  of  water  towers  that  line  the  island. 

It  selected  Business  Information  Group,  a  York, 

Pa.,  reseller  for  the  job,  which  was  completed  in 
April  2004.  “During  the  evaluation  process,  it  be¬ 
came  clear  that  a  few  bidders  planned  to  rely  on 
subcontractors  for  the  installation,”  says  Gail 
Weldin,  Ocean  City  network  manager.  “Because 
our  configuration  was  unique,  we  wanted  the  pri¬ 
mary  contractor  to  take  care  of  any  installation 
problems  directly’ 

Because  the  network  supported  vital  voice  and 
data  transmissions,  network  management  was 
important.The  primary  source  needed  to  be  able 
to  supply  24-7  monitoring,  but  many  had  network 
operations  centers  that  only  operated  from  8  a.m. 
to  5  p.m.,  Monday  through  Friday  And  if  a 
problem  arose,  the  town  needed  techni¬ 
cians  who  could  scale  the  water  towers 
and  tinker  with  the  network  equipment. 

In  some  cases,  vendors  would  have  made 
the  city  wait  three  or  four  days  for  a 
climber,  an  unacceptable  timeframe. 

The  new  system  represents  a  $1.2  mil¬ 
lion  investment,  an  expense  the  town 
expects  to  recoup  in  five  years,  Weldin 
says.  By  eliminating  a  few  frame  relay 
and  T-l  lines,  the  municipal  agency  cut 
its  annual  telecom  costs  by  $90,000. 
Employees  now  take  care  of  any  adds, 
moves  and  changes  —  tasks  that  Verizon 
previously  did. 

Initially  Ocean  City  employees  encoun¬ 
tered  what  Weldin  termed  “gobbledy- 
gook”  on  their  connections.  After  some 
testing,  the  town  discovered  the  interfer¬ 
ence  problems  stemmed  from  Verizon’s 
T-l  line.  After  that  line  was  reconfigured, 
the  problems  disappeared. 

Weldin  points  to  a  three-hour  confer¬ 
ence  call  among  three  groups  of  engi¬ 
neers,  including  one  vendor’s  team  on  the 
West  Coast,  as  a  measure  of  the  network’s  stability 

“We  loaded  up  the  network  to  test  its  through¬ 
put,  and  there  was  not  a  beep,  an  echo  or  a  prob¬ 
lem  the  entire  time.  For  me,  that  verified  thatVoIP- 
over-WLAN  technology  is  quite  stable,” she  says. 

Korzeniowski  is  a  freelance  writer  in  Sudbury, 
Mass., specializing  in  technology  issues.  He  can  be 
reached  at  paulkorzen@aol.com. 


VolP-over-WLAN  deployment  tips 

*  Find  a  vendor  experienced  in  both  WLANs 
and  VoIP. 

•  Conduct  a  site  survey  that  identifies 
probable  WLAN  voice  and  data  users  and 
their  usage  patterns. 

*  Place  access  points  to  achieve  sufficient 
overlap  between  locations. 

•  Identify  potentially  congested  areas  and 
plan  for  additional  access  points  there. 

«  Be  prepared  for  jitter  and  call  dropping 
when  the  network  is  first  installed. 

»  Monitor  network  usage  to  identify  bottlenecks. 

«  Re-examine  your  network  configuration 
every  three  months  and  expect  to  make 
changes  once  or  twice  per  year. 
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. . .  and  accessing  them  wirelessly 


Advances  in 
wireless  nets 
and  mobile 
computing 
now  make  it 
possible  to 
separate  line-of- 
business 
applications 
from  enterprise 
desktops. 


■  BY  JOHN  COX 


The  Bekins  Company  is  driving 
m<uor  gains  in  efficiency  with 
its  cellular-based  business 
application,  says  Randy 
Valentino,  CTO. 


he  truck  driver  makes  a  right  turn  while  his  partner  uses  his  Intermec  760  wireless  handheld  to 
punch  up  data  on  their  next  delivery  Besides  directions  and  order  details,  he  finds  a  text  note: 
“Beware  of  large  dog.”  Calling  the  customer  from  his  cell  phone,  he  tells  her  the  truck  is  just  a  few 
minutes  away  —  and  asks  her  to  leash  the  dog. 


Small  details  like  these  are  adding  up  to  a  big  competitive  advantage  for 
The  Bekins  Company’s  HomeDirectUSA  division  and  its  network  of  75 
independent  delivery  agents.  With  accurate  address  data  and  a  real-time, 
two-way  cellular  data  link,  Bekins’  new  Service  Tracking  Automated  and 
Routing  System  (STARS)  is  boosting  efficiency  by  about  20%  at  Cardinal 
Transportation,  says  Gregg  Bennett,  president  of  this  Richmond, Va.,  Bekins 
agent. 

“That’s  a  tremendous  plus  for  us. The  [traditional  voice]  communications 
between  drivers,  dispatchers  and  [route]  planners  is  very  time-consuming,” 
says  Bennett,  who  participates  in  a  committee  overseeing  this  Bekins  pro¬ 
ject.  The  wireless  data  connection  automates  much  of  this,  simplifying  and 
speeding  up  these  information  exchanges. 

Bekins  expects  STARS  to  smooth  “final-mile”  delivery  processes  such  as 
picking  up  products  and  checking  customer  availability,  says  Randy 
Valentino,  CTO  at  the  Hillside,  Ill.,  company  While  at  the  agent’s  distribution 
center,  the  delivery  team  can  tap  into  a  wireless  LAN  (WLAN)  to  access  rout¬ 
ing  and  dispatch  data  on  an  enterprise  server  running  Microsoft  SQL  Server. 
On  the  road,  the  delivery  team  uses  a  cellular  data  link  to  access  order  and 
shipping  manifest  data  in  an  IBM  DB2  database  at  Bekins’  mainframe  data 
center.And  at  delivery,  handheld  at  the  ready  drivers  can  confirm  other  ser¬ 


vices  such  as  unpacking, setup  and  cleanup;  note  exceptions  or  returns;  and 
take  an  electronic  signature  from  the  customer  as  proof  of  delivery 

STARS  reflects  the  growing  sophistication,  affordability  and  simplicity  of 
wireless  technology  And  it  shows  the  growing  willingness  to  use  wireless  for 
line-of-business  applications,  the  lifeblood  of  business.  As  Valentino  says  of 
STARS, “This  project  was  conceived  as  wireless  from  the  start.” 

Mobility-enabling  the  enterprise 

Indeed,  network  executives  increasingly  are  making  mobility  a  part  of  their 
new  data  center  architectures.  Like  at  Bekins,  they’re  delivering  applications 
to  mobile  workers,  either  pushing  data  out  to  them  or  collecting  new  data 
from  them  via  WLAN  or  cellular  data  connections. 

“Mobility  is  about  bringing  business  applications  out  to  the  point  of  activi¬ 
ty  says  Jeremy  Platt,  national  mobility  practice  director  for  Dimension  Data, 
a  systems  integrator  in  Reston,Va.The  point  of  activity  might  be  in  a  truck  or 
a  customer’s  facility  or  it  might  be  within  the  company  such  as  wireless  sup¬ 
port  for  doctors  at  patient  bedsides  or  for  tech  support  staff  servicing  desk¬ 
top  PCs  and  network  gear. 

Willingness  to  push  mobility  and  wireless-enable  corporations  comes  with 

See  Wireless,  page  SI  2 
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breakthrough: 


CANOBEAM  COMBINES  HIGH-TECH  WITH  LOW  PRICES. 


Auto  Tracking  Feature 
in  all  models 


High  speed  economical 
transmission  up  to  1.25Gbps 

Provides  High-quality,  reliable 
wireless  communications 
up  to  2km  with  Auto  Tracking 

Requires  no  radio  frequency 
allocations,  permits  or  licenses 

Highly  secure  data  links 

Protocol  independent,  like 
fiber  optic  cable 

installation  and  operating  cost 
are  much  lower  than  installing 
fiber  optic  cable 


canobeAm 

DT-100  Series 


•  Economical  FSO  for  data 
transmission  from  20m  to  500m 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100,  Management  Board 
built-in 


•  Provides  high-quality,  reliable 
wireless  communications  from 
100m  to  2km 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100;  Management  Board 
built-in 


•  State-of-art  data  transmission  at 
1.25Gbps  for  Gigabit  Ethernet  network 

•  Transmission  distance  from  100m 
to  1000m 

•  3R  Function  (Re-shaping,  Re-timing, 
Re-generating) 

•  Auto  Tracking  Feature 

•  DT-MNG100,  Management  Board  built-in 


Find  out  more  at  canobeam.com 

1-800-321-4388  (Canada:  905-795-2012) 


KNOWHOW 
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continued  from  page  S10 

maturation  of  necessary  technologies,  Platt  says. 
“You  can  create  a  much  more  stable  environment 
for  [wireless]  users,  and  you  don’t  have  to  worry 
so  much  about  managing  it,”  he  says. 

Particularly  important  has  been  the  launch  of 
middleware  products  —  and  approaches  — 
developed  especially  for 
mobile  and  wireless  com¬ 
puting.  Today,  middleware  is 
streamlined  into  relatively 
easy-to-deploy,  third-party 
applications  or  extended  to 
mobile  clients  from  the  exist¬ 
ing  enterprise  middleware 
infrastructure  (see  www. 
nwfusion.com,  DocFinder: 

2943). 

Wireless  middleware  is  typi¬ 
cally  lighter  weight  than  the 
traditional  middleware  prod¬ 
ucts  used  to  connect  land¬ 
line  clients  with  the  back-end 
infrastructure.  Such  light¬ 
weight  middleware  can  great¬ 
ly  simplify  the  task  of  creating 
smart  client  applications  that 
connect  to  enterprise  data 
and  applications. 

A  traditional  middleware 
layer,  including  communica¬ 
tions  servers,  proved  to  be  a 
problem  for  Bekins  and  its 
wireless  deployment.  “It  was 
taking  15  to  20  minutes  to  get 
data  from  the  handhelds  to 
the  back-end  databases,” 

Valentino  says.  “We  couldn’t 
afford  those  time  delays.”  So 
Bekins  stripped  out  that  mid¬ 
dleware  in  favor  of  a  newer 
approach.  Now  transactions 
created  on  the  handhelds  are 
funneled  to  the  DB2  data¬ 
base,  for  example. 

Making  middleware 
mobile 

Mobile  middleware  from  Aeroprise  is  proving  a 
healthy  solution  for  the  Fred  Hutchinson  Cancer 
Research  Center  in  Seattle,  which  needed  to  give 
help  desk  and  tech  support  staff  wireless  access 
to  the  Remedy  trouble-ticket  system  it  has  long 
used  for  reporting  PC  problems,  network  faults 
and  application  glitches.  While  a  helpful  tool, 
Remedy  had  been  anchored  to  IT  desktops, 
which  caused  problems. 

That  meant  a  team  of  about  20  technicians  had 
to  trek  back  and  forth  across  a  seven-building 
campus  to  deal  with  support  calls.  As  a  result, 
doctors  and  staff  complained  of  long  waits.  By 
late  2003,  those  users  were  close  to  revolt,  says 
Bruce  Steinberg,  Remedy  administrator  at  Fred 
Hutchinson. 

The  Aeroprice  Mobile  Application  Gateway  has 
a  set  of  ready-to-use  adapters,  or  programs,  that 
talk  to  the  back-end  application,  in  this  case 
Remedy  via  that  application’s  programming  inter¬ 
face. 

The  gateway  includes  a  rules  engine  and  one 
GUI  for  network  administrators  and  another  for 


end  users.  Using  these  graphical  tools,  users  can 
design  their  own  task  workflow  and  select  for 
each  step  a  subset  of  Remedy  data  that  is  to  be 
sent  via  the  center-wide  802.1  lb  WLAN  to  client 
handhelds. 

Fred  Hutchinson  has  equipped  the  tech  staff 
with  Dell  Axiom  handhelds  running  Windows 
Fbcket  PC  2003.“0ur  technicians  log  into  a  Web 
page  [over  the  WLAN]  and  get  the  information 


they  need  in  an  easy-to-read  table  format,” 
Steinberg  says.  “They  can  drill  down  for  more 
information,  make  notes  and  then  update  or 
close  the  trouble  ticket.” 

Since  the  tech  support  group  received  wireless 
Remedy  access  in  January  it  has  met  service-level 
agreements  nearly  100%  of  the  time,  Steinberg 
says.  This  compares  with  85%  of  the  time  in  the 
past.“You  can’t  find  our  tech  support  staff  here  in 
the  office  [now]  because  they’re  always  out  in 
the  field,”  he  adds. 

Mobile  middleware  also  is  proving  essential  at 
Marshfield  Clinic,  a  healthcare  group  practice  of 
39  centers  serving  much  of  Wisconsin. “We  want 
to  take  the  patient’s  electronic  medical  record 
and  bring  it  into  the  examining  room,”  says  Carl 
Christensen,  CIO  for  the  clinic  in  Marshfield, Wis. 

Marshfield  Clinic  is  pilot-testing  a  deployment 
that  gives  doctors  wireless  access  to  object-ori¬ 
ented  patient-care  and  clinical  applications  via 
Fujitsu  wireless  PC  tablets  running  Microsoft  XP 
Tablet  Edition.  Object  broker  middleware  pro¬ 
vides  connectivity  between  the  tablet-based 


applications  and  an  array  of  back-end  servers 
and  databases. 

Mobility  middleware  from  NetMotion  Wireless 
lets  doctors  move  freely  about  clinic  facilities 
without  losing  their  wireless  connections. 
NetMotion  Mobility  client/server  software,  creates 
a  VPN  that  lets  wireless  clients  roam  across  wired 
and  wireless  nets,  and  between  subnets,  while 
keeping  the  session  intact.“My  goal  was  to  let  our 
physicians  roam  seamlessly 
anywhere  on  our  campuses,” 
Christensen  says.  With  Net- 
Motion,  doctors  can  access 
medical  data  via  a  clinic  or 
partnering  hospital  WLAN, 
from  a  desktop  docking  sta¬ 
tioner  even  while  at  home. 

The  clinic  has  created  cel¬ 
lular-like  WLANs  —  almost 
doubling  the  number  of 
access  points  you’d  find  in  a 
typical  WLAN  —  to  create  a 
pervasive  wireless  blanket  at 
each  site.  Wherever  they  are 
or  whenever  they  want,  doc¬ 
tors  can  access  forms  and 
records.  The  design  also 
ensures  doctors  have  a  wire¬ 
less  link  even  if  their  initial 
access  point  fails. 

WLANs  unleash  apps 

Just  as  some  WLAN  designs 
become  more  cellular-like, 
cellular  nets  are  becoming 
more  LAN-like  as  their  band¬ 
width  increases.  Cellular  data 
services  such  as  Enhanced 
Data  Rates  for  GSM  Evolution 
and  Code  Division  Multiple 
Access,  with  respective  data 
rates  of  up  to  130K  bit/sec 
and  300K  to  500K  bit/sec, 
make  it  possible  to  ship  more 
data,  or  ship  it  faster,  to  sup¬ 
port  more  complex  applica¬ 
tions,  and  to  execute  many 
transactions  nearly  in  real 
time. 

In  the  Bekins  case,  cellular 
data  connection  gives  drivers  instant  access 
from  almost  anywhere  to  the  mainframe-based 
order  data.  And  when  a  driver  captures  a  cus¬ 
tomer  signature,  billing  is  triggered  immediately 
Until  now,  this  was  a  manual  process  that  usual¬ 
ly  waited  until  the  next  day,  after  the  driver  had 
returned,  filed  paperwork  and  keyed  the  data 
into  a  computer,  says  Bennett  of  Cardinal 
Transportation.  “With  the  new  system,”  he  says, 
“we’ll  speed  up  our  cycle  time  by  at  least  24 
hours.” 

Advances  in  wireless  nets  and  mobile  comput¬ 
ing  now  make  it  possible  to  unmoor  line-of-busi- 
ness  applications  that  until  recently  could  be 
used  only  by  workers  at  desktop  PCs.  Now  those 
applications  with  their  data  and  transactions 
can  be  shifted  into  the  hands,  or  even  one  hand, 
of  workers  on  the  move,  via  WLANs  or  the  new 
generation  of  cellular  data  nets. 

Forward-looking  network  executives-  already 
are  exploring  potential  business  benefits  such  as 
increased  revenue,  lower  costs  and  improved 
customer  service.  ■ 


Rethinking  apps  for  wireless  use 

Don’t  let  bad  application  design  squash 
attempts  to  mobilize  corporations. 

When  it  comes  to  the  success  or  failure 
of  mobility-enabling  an  enterprise  applica¬ 
tion,  paying  attention  to  application  design 
could  make  all  the  difference,  says  Todd 
Berner,  a  managing  director  at  Dimension 
Data,  a  systems  integrator  in  Reston,  Va.  "The 
GUI  [for  handheld  devices]  needs  to  be  more 
driven  by  the  workflow  and  activities  of  the 
user,”  he  says.  "This  is  not  the  traditional  way  of 
thinking  about  these  applications.” 

Ease  of  use  was  foremost  on  mind  for  The 
Bekins  Company  when  it  decided  to  wireless- 
enable  truck  drivers  for  its  HomeDirectUSA  divi¬ 
sion.  Knowing  the  drivers  weren't  PC-literate,  “we  went  through  painstak¬ 
ing  effort  in  our  application  design,  so  there’s  hardly  any  decision-making 
for  the  drivers,”  says  Randy  Valentino,  CTO  at  the  Hillside,  III.,  company. 

When  a  Bekins  agent  picks  up  his  handheld  device  to  enter  or  access 
information,  he  is  guided  through  each  process  via  a  wizard-like  design 
built  into  simple  screens,  Valentino  says. 

Application  design  also  factored  heavily  into  the  wireless  project  at 
Marshfield  Clinic,  in  Marshfield,  Wis.  Years  ago,  the  clinic  designed  physi¬ 
cian  applications  with  minimal  keystrokes  —  an  ease-of-use  factor  it  need¬ 
ed  to  take  into  account  for  the  wireless  application,  says  Carl  Christensen, 
CIO  at  the  clinic. 

So  when  using  their  wireless  PC  tablets,  Marshfield  Clinic  doctors  typi¬ 
cally  select  from  drop-down  lists  that  have  been  carefully  arranged  to  be 
simple  to  find  and  follow.The  tablets  also  feature  enlarged  toolbar  buttons 
and  support  for  an  “active  stylus"  that  lets  the  doctors  enter  handwritten 
messages,  annotations,  instructions  and  signatures. 

—  John  Cox 


YOU’VE  BEEN  WAITING 
FOR  THE  NEXT  GENERATION  OF  NETWORKING 
AND  ALL  THIS  TIME,  IT’S  BEEN  RIGHT  THERE  WAITING  FOR  YOU 

Within  your  notebooks,  PDAs  and  networking  gear  are  chips  that  enable  you  to  more  securely  unleash  the  full  power  of  high-speed  wireless 
networking.  When  Dell,®  HP,®  palmOne®  and  Sony  Ericsson®  are  looking  for  the  best  performance,  they  turn  to  Broadcom.®  In  fact,  our 
54g™  wireless  LAN  chips  are  available  in  over  95%  of  major  notebook  brands  offered  with  802.1  Ig.1  And  with  Broadcom  you  can  expect 
interoperability  among  802.1  la/b/g  networks  and  powerful  security  for  your  wireless  LAN,  with  CCX,  WPA,  and  AES  technologies  built  in. 
Whether  you’re  on  a  wireless  PAN,  LAN  or  WAN,  Broadcom  solutions  ensure  the  devices  you  use  today— and  those  you  add  tomorrow— will 
connect  reliably,  seamlessly  and  securely. 


Learn  how  your  existing  infrastructure  can  adapt  to  emerging 
wireless  technologies  that  require  faster,  safer  networks  designed  for 
diverse  mobile  devices.  Download  Chapter  3,  “Extending  Enterprise 
Networks  With  Wi-Fi®,”  from  our  Architecting  Next-Generation 
Networks  e-book,  now  at  www.gobroadcom.com/ebook 


Dadcom,*  the  pulse  logo.  Connecting  everything,*  the  Connecting  everything  togo  and  54g' 
*  trademarks  of  Broadcom  Corporation  and/or  its  subsidiaries  m  the  United  States  and 
e  the  property  of  the*  respective  owners. 


July-August.  2003:  U.S.  retail  shipments. 


PUT  IT  IN  THE 
SERVER  ROOM. 

pppi  T  |M  THF 

BOARDROOM. 


'Requires  Advanced  POWER  Virtualization  option.  Available  on  select  models.  IBM.  the  e-business  logo,  eServer,  the  eServer  logo,  AIX  5L,  IBM  Virtualization  Engine,  Micro-Partitioning,  Power 
Architecture  and  POWER  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  UNIX  is  a  registered  trademark  of  The 


Meet  the  IBM  eServer™  p5  system  -  the  game-changing  UNIX*  server  that  can  bring  instant  agility  to  your  business. 

With  advanced  IBM  Virtualization  Engine™  technology  options,  the  eServer  p5  system  is  the  only  UNIX  server  with  breakthrough 
Micro-Partitioning™  capabilities.  It  can  automatically  balance  resources  among  virtual  partitions  in  milliseconds.1  On  demand. 
It  configures  and  adapts  on  the  fly.1  Add  apps.  Add  users.  Add  capabilities.  At  any  time.  And  gain  business  agility  just  like  that. 
You  need  to  learn  more.  More  about  all  the  benefits  of  eServer  p5  systems  at  ibm.com/eserver/boardroom 


5  reasons  why  IBM  eServer  p5  systems  with  Power  Architecture 

™  technology  rule  in  UNIX  computing. 

Flexible,  fifth-generation 
POWER ”  processors. 

Capacity  on  Demand.2 

Runs  IBM  AIX  5LU 
and  Linux * 

Advanced  system 
utilization. 

Virtual  servers  as  small 
as  1/10  of  a  processor.1 

@  server 

"<5> 


The  IBM  eServer  p5  system  delivers 
agility,  company-wide. 


Open  Group  in  the  United  States  and  other  countries.  Linux  is  a  trademark  of  Linus  Torvalds  in  the  United  States,  other  countries,  or  both.  Other  company,  product  and  service  names  may  be  trademarks  or  service 
marks  of  others.  ®  2004  IBM  Corporation.  All  rights  reserved. 


Using  virtualization  technology  to  pry  apps 
away  from  dedicated  physical  resources  can 
have  an  added  benefit:  DR  on  the  cheap. 


BY  JULIE  BORT 

Wf  hile  most  network  executives  are  looking  at  server  virtualization  to  reduce  hardware  costs,  the 
technology  also  could  offer  a  budgetary  bonus:  less-expensive  disaster  recovery  With  disaster-facil¬ 
ity  contracts  easily  costing  upward  of  $30,000  per  month,  killing  off  that  budget  line  item  is  tempting. 

“One  of  the  hardest  parts  budget-wise  [in  IT]  is  disaster  recovery  and  They  have  network  connections  between  the  two  sites.  Their  virtual- 
its  incredible  price  tag.  Traditionally,  you  had  to  duplicate  everything  ization  and  load-balancing  software  would  let  one  server  or  SAN  take 
you’ve  got  in  one  data  center  to  another  and  then  pray  that  you  never  over  for  another  almost  instantly  if  a  short-term  failure  occurs  (from 
have  to  use  it,”  says  Jason  Brougham,  enterprise  network  manager  for  routine  maintenance  to  a  few  hours  of  blackout). 

American  Medical  Response,  a  Greenwood  Village,  Colo.,  ambulance  Network  executives  easily  can  make  the  common-sense  leap  for  full- 
service  company  with  18,000  employees  and  255  locations  nationwide,  fledged  in-house  disaster  recovery.  If  servers  float  away  in  a  storm  or 
“The  only  way  you  can  afford  to  build  true  disaster  recovery  is  to  run  are  otherwise  permanently  damaged,  one  data 
hot  to  hot,  with  both  data  centers  active  all  the  time  on  servers  using  center  can  become  the  backup  for 
virtualization.”  another.  Even  if  you  don’t  bring 

Companies  with  virtualized  servers  and  storage-area  networks  (SAN)  disaster  recovery  completely  in- 
in  disparate  data  centers  already  have  most  of  the  pieces  in  place  to  house,  virtualization  can  help 
take  on  in-house  disaster  recovery:  They  have  a  potential  back-up  loca-  save  money  on  the  facility 
tion  in  a  faraway  spot  (that  likely  won’t  be  affected  by  the  disaster).  See  Disaster  recovery,  page  SI 8 
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FSM7326P 

24+2  L3  10/100  Managed  Switch  w/PoE 


Get  more  Layer  3  PoE 
with  less  out  of  pocket 


Cost  Per  Port' 


$102 . 
$67 
$45 
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Cisco  3Com  ■  NETGEAR 

3550  PWR  4400  PWR  FSM7326P 


’  Cost  comparison  based  on  July  6, 2004  pricing  from 
the  Internet  shopping  site  CDW.com 


At  significantly  less  than  comparable  switches,  NETGEAR® 
has  the  perfect  combination  of  performance  and  value 

High  performance  for  less  money-that's  what  NETGEAR's  FSM7326P  24+2  Layer  3  Power-over-Ethernet  (PoE) 
managed  switch  delivers.  Performance,  reliability  and  affordability  are  what  growing  companies  of  all  sizes  are 
demanding,  and  NETGEAR  is  meeting  the  demand  with  the  FSM7326P.  Enabling  standards  based  Voice-over-IP 
(VoIP),  wireless  access  points  and  security  cameras,  NETGEAR's  Layer  3  PoE  switch  grows  with  your  network. 
With  NETGEAR's  experience,  support,  Layer  3  capabilities,  and  full  line  of  managed  switches, 
more  and  more  companies  are  finding  out  that  paying  less. ..means  more. 


Get  a  $100  instant  rebate!  For  more  information  go  to  http://www.netgear.com/go/eupoe 


©2004  NETGEAR,  Inc.  NETGEAR  is  a  registered  trademark  and  "Everybody's  connecting."  is  a  trademark 
of  NETGEAR,  Inc  All  rights  reserved.  Other  brands  and  products  are  trademarks  of  their  respective 
holders.  Specifications  subject  to  change  without  notice. 
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More  to  lose 

Because  each  virtualized  server  is  the  equivalent  of  many  physical  servers, 
if  even  one  of  them  goes  up  in  flames,  so  too  does  much  of  your  IT  infra¬ 
structure.  Rebuilding  it  quickly  means  knowing  exactly  what  you’ve  lost. 

Tools  are  available  that  let  you  take  an  image  or  snapshot  of  an  entire  vir¬ 
tual  server  for  firing  up  on  another  physical  machine  (as  in  VMotion  or 
UltraBac).  But  missing  are  tools  to  keep  track  of  exactly  how  those  virtual 
servers  are  configured,  what  software  is  loaded  on  each,  what  tweaks  might 
be  needed  to  ensure  all  applications  perform  nicely  together  and  so  on. 

“Configuration  management  and  change  management  of  virtualized 
machines  is  a  whole  new  ball  of  wax,”Intellinet’s  Knoerle  warns.“You  need  to 
keep  very  good  track  of  what’s  on  each  server,  and  the  configuration  man¬ 
agement  tools  we  have  today  don’t  support  virtualized  machines.” 

Plus,  for  any  disaster-recovery  operation, “you  need  to  keep  track  of  config¬ 
uration  on  an  operations-group  level,”  she  says.  Virtualization  will  ease  that 
process  —  you  likely  will  have  your  most-critical  applications  automatically 
fail  over  to  other  virtual  servers.  But  restoring  less-critical  applications  could 

See  Disaster  recovery,  page  S20 


•  Stand-by  space  equipped  with  PCs  and  telephones  where  key  workgroups 
can  continue  operating,  such  as  call  center  personnel. 


•  Design  and  testing  of  failover  systems. 


•  Testing  and  management  of  your  older  equipment  kept  for  disaster  failovers. 


•  Dry-run  training  days  and  results  analysis. 


•  Help  during  the  hectic  hours  when  transferring  from  one  site  to  another  — 
and  for  failing  back  when  the  problem  site  is  ready  to  go  live  again. 


facility  for  hosting,  the  expense  and  hardware  requirement  can  be  less  — 
because  the  number  of  physical  servers  can  be  far  less.” 

Such  is  the  case  for  insurance  company  Mutual  of  Enumclaw,  based  in 
Enumclaw,  Wash.,  with  16  offices  in  Washington,  Idaho, Oregon  and  Utah. 

“We  approach  disaster  recovery  like  a  life  insurance  policy  We  don’t  want 
to  have  too  much,  but  we  want  enough,”  says  John  Weeks,  IT  director  for 
Mutual  of  Enumclaw,  which  uses  virtualization  software  from  VMware,  an 
EMC  company“The  virtual  capability  simplifies  our  recovery  efforts.” 

Critical  insurance-related  processing  runs  on  the  mainframe,  so  Weeks  cur¬ 
rently  contracts  with  a  disaster-recovery  facility  for  the  mainframe.  But  the 
company  relies  on  Intel-based  IBM  xSeries  servers  for  other  applications 
such  as  Citrix,  which  it  runs  via  a  virtualized  server  farm.With  VMware,  Mutual 
of  Enumclaw  has  reduced  the  number  of  physical  servers  it  uses  by  about 
35%.  (Weeks  also  has  begun  rolling  out  virtualized  IBM  blade  servers  for  the 
server  farm.  A  dual-blade  box  hosts  up  to  three  virtual  servers  while  the  quad 
blade  hosts  as  many  as  five,  he  says.) 

This  translates  into  a  lot  less  hardware  required  for  disaster  recovery  Before 
implementing  VMware,  the  company  contracted  with  its  disaster-recovery 
facility  to  maintain  a  similar  PC  server  environment  —  one  back-up  server  for 
every  production  server.  “We  have  simplified  that  [disaster]  model  by  going 
to  a  virtual  model,”  Weeks  says.  “VMware  is  hardware-agnostic,  and  we  can 
restore  systems  without  identical  or  near-identical  hardware.This  creates  flex¬ 
ibility  and  expands  our  options  regardless  of  what  site  we  recover  to,  either 
our  own  site  with  older  hardware  or  a  new  site  with  all  new  hardware.”  Mutual 
of  Enumclaw  also  reduced  its  network  and  support  requirements  for  disaster 
recovery,  Weeks  says. 

Still,  like  all  things  IT,  turning  virtualized  remote  data  centers  into  disaster- 
recovery  backups  for  one  another  won’t  be  a  cakewalk.  Technology  issues 
abound,  with  server  configuration  management/inventory  control,  data  syn¬ 
chronization  and  WAN  bandwidth  among  the  greatest  challenges.  And  you 
can’t  overlook  the  need  to  address  processes,  personnel  and  practice. 


The  third-party  part 

So  with  your  virtualized  servers,  your  switched  SANs  and  your 
other  new  data  center  technologies,  you  don’t  need  to  hire  a 
disaster-recovery  provider  to  stand  by  with  space  and  equipment. 
Or  do  you?  While  you  may  save  big  bucks  bringing  data  center  busi¬ 
ness  continuity  in-house,  you  still  might  want  to  consider  off-site 
specialists  for  the  following  needs: 
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contract.  Fewer  virtualized  servers  do  the  work  of  more  physical  servers. 

“The  pieces  of  hardware  become  less  critical  in  a  virtualized  environment 
—  if  there  are  400  servers,  with  virtualization  you  could  conceivably  do  dis¬ 
aster  recovery  on  20  servers.That  might  be  reaching,  but  that’s  the  idea,” says 
Vivian  Knoerle, principal  consultant  for  Intellinet.a  virtualization  and  disaster- 
recovery  systems  integrator  in  Atlanta.“If  you  do  still  use  a  disaster-recovery 


The  do-it-yourself  must-ask  list 


Thanks  to  virtualization,  many  companies  will  be  doing  their  own  disaster 
recovery  for  the  first  time.  Start  with  these  basic  questions: 


•  How  will  you  inform  key  people  of  the  disaster  and  get  information 
to  employees  in  the  affected  area? 


•  Who  grabs  the  configuration  documentation  before  getting 
on  the  airplane? 


•  Where  do  you  keep  backups  of  configuration  documentation, 
and  how  do  you  access  those? 


•  Which  IT  members  go  to  the  back-up  site,  and  which  stay  behind 
to  work  on  the  failed  systems? 


•  What  is  the  plan  for  failing  back,  once  the  disaster  is  over  and  the 
data  center  can  be  used  again? 


•  Where  will  employees  work  while  the  primary  site  is  unavailable, 
and  how  will  they  access  IT  systems? 


•  Have  you  tested  all  applications  to  work  with  the  failover 
systems?  If  configuration  changes  have  occurred, 
have  applications  been  tested  again? 


•  Who  is  assigned  what  tasks  for  getting  the  failover  site  fully 
operational? 


•  What  SAN  has  the  synchronized  data  and  how  will  failover 
occur  to  it? 


•  How  do  your  database,  server  cluster  or  virtualized  servers 
synchronize,  and  who  is  responsible  for  verifying  that  an 
accurate  synchronization  has  occurred? 


•  What  is  the  plan  for  failing  over  to  the  second  site  if  the  net¬ 
work  connections  in  the  region  have  been  affected  by  the 
disaster? 


•  Where  are  the  long-term  restore  tapes,  and  who  is 
responsible  for  getting  them? 


•  Has  all  older  equipment  functioning  as  disaster  backups 
been  kept  up  to  date  with  patches  and  testing? 

i  :  - _ _ _ _ _ _ 
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get  ugly  Back-up  media  labeled  by  the  physical  server  won’t  be  good  enough. 
You’ll  need  to  know  exactly  what  virtual  machines  and  applications  were 
running  on  each  physical  server,  and  which  processes  should  be  prioritized. 

“Do  some  kind  of  classification  —  as  simple  as  maybe  putting  applications 
inside  labels  such  as  mission-critical,  business-critical,  operational.That’s  how 
you’ll  determine  your  recovery  objectives,  and  that  will  determine  the  infra¬ 
structure  you  need  and  the  plan,”  says  Stephanie  Balaouras,  a  senior  analyst 
for  The  Yankee  Group. 

American  Medical  Responses  Brougham,  who  has  overseen  in-house  dis¬ 
aster-recovery  efforts  for  several  companies,  underscores  that  an  IT  inventory 
assessment  of  all  resources,  virtualized  and  not,  is  necessary  Most  companies 
do  a  poor  job  of  inventory  management,  particularly  on  servers,  he  says, 
because  they  rarely  implement  server-level  inventory  management  tools. 
With  a  small  number  of  virtualized  servers  now  representing  a  large  number 
of  physical  servers,  in  all  likelihood  your  inventory  assessment  will  uncover 
that  “you’ve  got  40  more  apps  than  you  really  need.  Or  you’ll  find  out  you  need 
40  more  apps,”  he  says. 

On  the  bright  side,  if  you  haven’t  yet  standardized  on  equipment  across  your 
data  centers, you’re  in  for  some  relief. The  virtualized  servers  won’t  care  what 
hardware  they  are  placed  on, and  older  equipment  can  be  used.This  also  dif¬ 
fers  from  the  days  when  data  centers  had  to  be  exactly  the  same  to  perform 
as  back-up  sites. 

SANs  and  synchronization 

You  will  need  to  analyze  the  data  on  your  SAN  in  a  similar  fashion.  Mutual 
of  Enumclaw  plans  to  expand  its  SAN  but  will  continue  using  existing  storage 
for  testing  and  disaster  recovery  Weeks  says.  It  will  add  3T-byte  EMC  AX100 
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Helpful  tools  for  the  do-it-yourself 
disaster-recouery  enterprise 

Brocade  SilkWorm  SAN  routers  —  manage  failover  between  remotely 
located  and/or  differing  types  of  SANs. 

HP  Virtual  Server  Environment  for  HP-UX  11i  —  aimed  at  servers  and 
blade  servers;  is  one  of  the  many  tools  HP  offers  for  virtualizing  servers. 

HP  Workload  Manager  —  available  for  many  operating  systems,  dynami¬ 
cally  allocates  CPU,  memory  and  disk  resources  to  meet  application  service- 
level  objectives. 

McData  Eclipse  or  IPS  families  of  multiprotocol  SAN  switches  — 

manage  failover  between  remotely  located  and/or  differing  types  of  SANs. 

Microsoft  Virtual  Server  2005  (evaluation  release  available  now,  full 
release  expected  late  2004)  —  supports  virtualization  of  Windows  2000  servers. 

Solaris  10  -  provides  a  variety  of  virtualization  services  for  Sun  boxes  running 
Solaris  applications,  such  as  clustering  (doesn’t  support  other  operating  systems), 
Solaris  10  N1  Grid  Containers  —  partitions  Sun  boxes  so  that  they  can 
run  multiple  instances  of  Solaris,  even  older  and  new  versions  simultaneously.  j 
Sun  StorEdge  Traffic  Manager  software  —  provides  automatic  failover, 
load  balancing  and  the  like  even  between  Sun  servers  in  remote  locations;  can 
prioritize  traffic  from  applications  that  cannot  sustain  delays, 

Topspin  Communications  Topspin  360  server  switch  —  creates  virtu 
alized  clusters  between  servers  of  any  operating  system  (even  those  running 
VMware)  and/or  between  SANs  for  automatic  failover,  load  balancing  and  the 
like.  Useful  for  sites  wanting  to  virtualize  non-Windows  servers. 

Topspin  VFrame  —  software  for  programming  the  360  server  switch  with 
user-defined  policies  for  load  balancing,  failover  and  the  like.  Supports 
VMware,  Oracle  Grid  Computing  and  others. 

VMware  ESX  Server  or  GSX  Server  —  popular  software  for  virtualizing 

Intel-based  servers. 

VMware  P2V  Assistant  —  eases  conversion  of  physical  servers  onto 
virtual  servers;  can  be  helpful  if  moving  from  failed  physical  servers  to  back-up 

virtual  servers. 

VMware  VMotion  -  takes  an  image  of  a  VMware  ESX  or  GSX  virtual 
server  for  porting  to  another  server  running  VMware  virtualization  software; 
intended  for  scheduled  maintenance,  not  automatic  failover  from  disasters. 


Serial  Advanced  Technology  Attachment  SAN  devices  with  built-in  switches. 
These  switches,  also  available  in  stand-alone  versions  from  vendors  such  as 
Brocade  and  McData,  let  the  SAN  move  data  from  one  device  to  another  for 
disaster  recovery  he  explains. 

Failover  should  be  the  easy  part.  Knowing  where  your  most  critical  data  is, 
and  how  to  make  sure  it  is  the  first  to  come  back  online,  will  be  the  hard  part. 
This  is  part  and  parcel  with  categorizing  your  data  using  information  life-cycle 
management  techniques,  which  analysts  recommend  implementing  as  part 
of  your  in-house  disaster-recovery  efforts.  “The  most  important  step  is  data 
classification,”  Balaouras  says. 

You’ll  want  to  look  at  technologies  for  synchronizing  data  between  main 
and  failover  sites,  too.  Every  disaster-recovery  plan  uses  the  “recovery  time 
objective”  to  keep  data  loss  within  acceptable  boundaries,  says  Belinda 
Wilson,  worldwide  executive  director  of  business  continuity  services  for  HP 
This  will  help  you  pick  your  synchronization  method.  But  with  virtualization 
technologies, synchronization  can  occur  at  many  levels  —  at  the  application, 
the  database  and  the  SAN,  for  instance.  Mixing  and  matching  among  syn¬ 
chronization  techniques  and  ensuring  full  data  synchronization  are  issues, as 
is  determining  which  source  is  the  last  word  should  a  bad  sync  occur. 

The  fun  of  requirements 

Somewhere  near  the  six-month  mark, you  should  have  the  building  blocks 
for  in-house  disaster  recovery  figured  out:  configuration/change  manage 
ment,  inventory  assessment,  application  and  data  classification,  SAN  failover 
and  data  synchronization.  Now  the  real  fun  begins  —  planning  technical 
requirements  for  your  new  virtual  data  center,  disaster-recovery  infrastructure. 

Your  analysis  should  cover  what  systems  employees  use  most,  what  systems 
the  business  most  relies  on  and  your  technical  needs,  Brougham  says.“What’s 
the  load  on  the  network  if  I  suddenly  take  this  database  out-of-building? 
What’s  the  performance  hit  on  the  application  if  I  take  it  out-of-building?  Is  it 
even  possible  to  centralize  these  systems  250  miles  away?” 

The  answers  to  these  questions  will  determine  your  design,  from  a  once- 
nightly  several-hour-long  database-synchronization  process  to  mirrored  sys¬ 
tems  that  take  snapshots  of  each  other  every  15  minutes,  for  instance. 

While  you  likely  already  have  network  connections  between  your  virtual¬ 
ized  sites, you’ll  have  to  look  at  them  in  a  new  light.  Brougham  suggests  using 
Multi-protocol  Label  Switching  (MPLS)  for  disaster  recovery  because  it  offers 
a  lot  more  capacity  than  frame  relay  can  be  had  atT-1  prices  yet  also  can  be 
meshed.  MPLS  automatically  shifts  IP  traffic  among  a  variety  of  routes,  which 
is  just  the  kind  of  failover  you’ll  want.  With  any-to-any  site  connections,  you 
can  maintain  higher  usage  thresholds  while  still  letting  your  links  absorb  the 
shared  failover  traffic.  He  compares  it  to  a  company  using  twoT-1  lines  for  its 
data  centers,  each  operating  at  a  60%  utilization  rate.  Disaster  strikes,  one  data 
center  must  failover  to  the  other,  and  now  all  the  company’s  traffic  overloads 
the  other  link. 

But,  Brougham  warns, “Watch  out.You  can  create  your  own  disaster  with  a 
fully  meshed  network  —  virus  propagation  can  kill  you.”  So  you’ll  have  to 
think  through  how  to  increase  security  when  building  a  meshed  WAN  for  dis¬ 
aster  recovery 

The  people  factor 

Like  all  IT  projects,  half  the  battle  is  won  by  technology,  the  other  by 
process  and  people.  Draw  up  detailed  procedures  and  practice  them  — 
you  don’t  want  the  live  disaster  to  be  the  first  time  that  your  staff  imple¬ 
ments  the  plan. They  might  need  a  new  mindset  when  bringing  up  a  back¬ 
up  data  center  via  server  virtualization,  too. They  might  be  accustomed  to 
replicate  applications,  not  the  fast  failover  in  a  tightly  coupled,  virtualized 
environment.  Unexpected  issues  might  arise,  such  as  deciding  when  they 
must  reconfigure  the  DNS  server  to  point  to  the  back-up  data  center. 

“From  a  pure  disaster-recovery  aspect,  the  first  things  that  go  wrong  are  the 
ones  that  you  don’t  test  enough.  If  you’ve  got  120  applications  that  have  to  go 
onto  a  server  in  the  disaster-recovery  site,  and  you  get  119  of  them  tested,  it’s 
always  the  one  you  missed  that  blows  up,”  Brougham  says.  He  advises  hiring 
a  software-testing  consultant  to  evaluate  how  applications  will  play  together 
when  ported  to  the  back-up  virtualized  boxes. 

Include  dry  run  practices  in  your  testing  schedule  —  which  will,  of  course, 
require  time. 

Despite  the  hard  work  involved,  in-house  disaster  recovery  makes  a  lot  of 
budgetary  sense  when  comparing  the  rarity  of  disasters  with  the  cost  of 
maintaining  idle  back-up  equipment.  And  it  almost  goes  without  saying 
that  these  days  you  can’t  simply  ignore  disaster  recovery  and  hope  light¬ 
ening  never  strikes. Your  virtualized  data  center  could  be  the  godsend  you 
never  knew  you  needed.  ■ 
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STEVEN  VOTE 


Sam  Mamazzo,  senior 
application  architect  for 
Praxair.shares  his  insights 
on  preparing  applications 
for  virtualized  servers. 


/4s  senior  application  architect  for  Praxair,  a  $5.6  billion  industrial  prod¬ 
ucts  supplier  in  Danbury,  Conn.,  Sam  Marrazzo  has  spent  the  past  year 
evaluating  applications  —  old  and  new  —  for  use  on  virtualized  servers 
The  differences  between  developing  applications  using  virtual  instances 
rather  than  physical  servers  can  be  astounding,  Marrazzo  says.  For 
example,  he  has  found  that  application  build  times  can  be 
up  to  100  times  faster  with  virtualization.^Crazy, 
but  true,”  he  says.  Here  Marrazzo  tells 
Signature  Series  Editor  Beth  Schultz 
what  he's  learned  as  an  applica¬ 
tion  architect  working  within  a 
virtualized  environment, 
from  how  to  test  an  appli¬ 
cation  to  how  to  plan  for 
disaster  recovery. 
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Under  what  circumstances  should  an  application  not 
be  put  on  a  virtualized  server? 

One  of  the  first  baselines  we  establish  is  how 
CPU-intensive  an  application  is.  If  an  application 
has  a  sustained  CPU  requirement  for  a  long  peri¬ 
od  of  time,  then  it’s  a  physical  server  candidate. 
So  if  we  see  80%  CPU  utilization  for  an  hour,  that 
would  tell  us  thatVMware  [server  virtualization 
software  from  EMC  business  unit  VMware]  as  a 


Software]  to  run  the  whole  ERP  application 
[from  J.D.  Edwards]  .We  selected  Tidal  because 
we  saw  it  could  run  in  VMware,  and  that  meant 
we  didn’t  have  to  buy  new  hardware,  and 
because  it  fits  into  our  disaster-recovery  process 
very  nicely  —  you  definitely  need  a  disaster- 
recovery  solution  for  enterprise  scheduling.  We 
physically  split  Tidal  on  two  separate  VMware 
instances,  [each  of  those  running  on  servers  at 


via  a  console.  And  on  the  fly;  if  there’s  a  problem 
with  the  VMware  session,  we  can  allocate  CPU  or 
memory  Applying  patches  also  is  centralized 
now  At  the  same  time,  virtualization  reduces  our 
costs  of  physical  devices.  In  most  cases  within 
an  enterprise,  60%  to  70%  of  application  servers 
are  underutilized. 

As  far  as  staffing,  requirements  are  basically  the 


ers  at  same.  But  in  the  past,  we  were  building  servers, 
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whole  wouldn’t  be  good  for  that  application,  that 
the  application  is  going  to  require  a  dedicated 
CPU.  [While  Marrazzo  evaluates  applications  for 
use  on  virtualized  servers,  the  decision  to  move 
to  a  virtualized  environment  was  made 
by  Praxair’s  infrastructure  group] 
When  we  think  about  virtu¬ 
alization,  we  talk 


about ‘blip’ 
appli- 


disparate  data  centers]  .That  gives  us  disaster 
recovery  and  isolation. 

In  the  past,  we  were  decentralized  from  a 
scheduling  perspective.  We’d  run  a  job  on  this 
system  and  one  on  that  system,  and  we  couldn’t 
have  interdependencies  within  those  jobs.  All 
the  jobs  were  scheduled  in  their  environment 
without  visibility  to  the  outside  systems.  With 
Tidal,  we  get  streamlined  job  scheduling,  man¬ 
ageability  and  a  centralized, enterprise  view  of 
all  the  production  applications. 


You  mentioned  disaster  recovery  for  applies 
tions.  How  does  virtualization  fit  in? 

We  have  two  separate 
data  centers  in  the 
Northeast. 
We 


and  we  couldn't  keep  up  with  the  demand.  Now 
we’re  building  images,  only  using  the  amount  of 
CPU  or  RAM  required  for  that  particular  project. 
It’s  not  like  we’re  running  around  with  hammers 
and  screwdrivers  and  wrenches,  but  we’re  still 
building  big  enterprise  boxes  for  the  VMware 
instances.  It’s  just  that  it’s  one  now  vs.  30.  And 
before,  when  we  needed  to  do  an  evaluation  of 
an  application,  we  needed  to  have  a  server  built. 
The  first  question  was ‘Who’s  going  to  pay  for  it?’ 
Today  we  can  evaluate  applications  very  quickly, 
creating  instances  on  our  own, on  the  fly.That 
means  we  can  deliver  those  applications  much 
faster,  and  make  the  business  units  much  happier. 
We’re  looking  at  80  to  100  times  faster  for  applica¬ 
tion  delivery  without  the  server  build  time  and 
ordering.  1  know  it  sounds  crazy  but  it’s  true. 


How  do  you  anticipate  virtualization  unfolding  further 
at  Praxair  and  beyond? 

At  Praxair,  we’ll  be  continuing 
down  the  consolidation  path 
—  you  can’t  consoli¬ 
date  everything 
in  the 


cations  — 

applications  that  see  the 
CPU  go  up  to  100%,  then  come 
down  to  20%  to  60%  at  full  utilization. Those 
are  good  for  a  centralized  computing  environ¬ 
ment  where  we  can  manage  virtual  instances. 


Are  you  setting  a  baseline  for  every  application,  or 
only  select  ones? 

Any  application  that  comes  in  [for  pro¬ 
cessing]  today  is  tested.  We  monitor  the 
CPU  and  then  determine  if  we  need  to 
move  it  off  or  not.  Excellent  candi¬ 
dates  are  applications  for  print 
servers  and  terminal  servers.  Also 
new  applications,  like  our  job 
scheduler,  are  being  brought 
into  VMware. 


split  the 

resources  between 
them  —  the  servers  and  the 
instances.That’s  how  we  isolate  the  applica¬ 
tions.  If  an  application  needs  disaster  recovery 
we  load  balance  via  two  servers  and  separate  it 
that  way  This  has  saved  us  in  physical  capital 
costs.  In  a  traditional  sense  of  distributed  com¬ 
puting,  you  have  to  buy  two  of  everything.  Now 
we  just  buy  two  VMware  servers  and  virtualize 
the  instances  for  the  disaster-recovery  plans. 


How  does  that  job-schedul¬ 
ing  application  run  in  a 
virtualized  environment 
and  how  has  it  bene¬ 
fited  Praxair? 

We  have  been 
using  the  job 
scheduler 
[from  Tidal 


Do  you  work  with  other  virtualized  IT  resources? 

We  have  shared  storage  that’s  virtualized,  so  we 
have  redundancy  there.  We  attached  the  storage 
to  VMware,  but  use  a  separate  [storage-area  net¬ 
work].  We  have  direct  connections  to  the  storage, 
so  all  applications  have  access  to  that  storage. 


What  other  changes  have  come  from  the  ability  to  run 
enterprise  applications  in  a  virtual  environment9 

Now  there’s  no  need  to  buy  a  server  for  every 
project.  We  can  manage  these  virtual  instances 


first  year.  So 
we  look  at  new  apps 
and  then  legacy  apps.  Our  goal  is 
to  further  reduce  the  number  of  applica¬ 
tion  servers  in  the  data  center. 

In  the  industry  what  I’d  like  to  see  is  developers 
coming  up  with  guidelines  for  running  applica¬ 
tions  on  VMware.  We’d  like  to  see  the  larger  com¬ 
panies  like  IBM  and  Citrix  get  VMware  certifica¬ 
tions.  What  we  hear  from  vendors  universally  is 
‘We  use  VMware  in  our  testing  and  development 
environment.’ We  don’t  hear  them  saying  —  and 
we  want  to  —  that  they  use  it  in  their  production 
environments  across  the  board.  We  want  to  see 
more  vendors  adopt  this  technology  because  it 
will  continue  being  our  direction  going  forward. 

We’re  an  early  adopter,  but  so  far, so  good. 
Deployment  and  execution  have  been  great.  ■ 
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As  data  centers  evolve,  businesses 
say  these  technologies  have  helped 
them  cut  costs  and  become  more  effi¬ 
cient,  even  as  the  workload  increases. 


■  BY  JOANNE  CUMMINGS 


he  new  data  center,  marked 
:  ■  by  cutting-edge  technologies 

such  as  virtualization,  Web-centric 
computing  and  autonomic  comput¬ 
ing,  promises  new  efficiencies  in  hard¬ 
ware,  software  and  staffing.  But  as 


more  organizations  move  to  the  new  paradigm,  cost 
savings  is  rising  as  the  prime  benefit.  Users  and  analysts 
say  a  business  can  cut  overall  operational  costs  any¬ 
where  from  25%  to  90%  with  smart  implementation  of 
these  seven  new  data  center  technologies. 

See  Costs,  page  S26 


Raritan's  Dominion™  KX.  Better  KVM  Over  IP. 


ontrol  solution? 


As  your  company  grows  and  you're  responsible  for  more  and  more  servers  and  other  IT  devices,  you  have  two  options:  Get  a 
super-scalable  KVM  solution  now,  or  rip  and  replace  later.  Luckily,  the  new  Dominion  KX  lets  you  access,  diagnose  and 
monitor  hundreds,  even  thousands  of  servers  in  any  location  in  the  world  via  KVM  (Keyboard,  Video,  Mouse)  without  ever 
leaving  your  chair. 


With  Raritan's  19  years  of  innovation  in  the  Data  Center,  you  now  have  the  newest  and  most  dependable  choice  for  an 
integrated  KVM  over  IP  switch.  Dominion  KX  is  a  plug-and-play  appliance.  It's  incredibly  scalable,  as  you  can  see,  delivering 
dependable  performance  no  matter  how  big  your  company  gets.  It  offers  your  choice  of  local  or  centralized  authentication 
with  LDAP,  RADIUS  or  Active  Directory,®  and  can  also  apply  role-based  policies.  And  by  encrypting  all  KVM  data,  including 
video,  Dominion  KX  provides  the  industry's  most  secure  KVM  over  IP  technology.  It's  the  KVM  over  IP  solution  that  beats 
the  other  options  again  and  again  and  again. 


Schedule  your  on-line  test-drive  today,  by  calling  1-800-724-8090  x1927 
or  by  visiting  us  at  www.raritan.com/927 
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Command 

Center 


The  KX  Digital  KVM  Switch 
is  one  part  of 

RARITAN'S  DOMINION  SERIES 

The  complete  Data  Center 
Management  Solution 


Dominion 


Dominion 


Dominion 


When  you're  ready  to  take  control. 


:  2004  Raritan  Computer.  Inc.  Dominion  is  a  trademark  of  Raritan  Computer.  Inc.  Active  Directory  is  a  registered  trademark  of  Microsoft  Corporation. 
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Costs 

continued  from  page  S24 

1.  Storage  consolidation. 

A  good  first  step  when  it  comes  to  slashing  data 
center  costs  is  pooling  storage  using  storage-area 
networks  (SAN)  or  network-attached  storage 
(NAS), experts  say 

First,  a  company  must  get  a  handle  on  the  types 
of  storage  it  has  in  place  —  whether  direct- 
attached,  SAN  or  NAS  —  and  calculate  the  main¬ 
tenance  and  operational  costs  of  each.  Then, 
migrate  to  the  most  efficient,  which  in  most  cases 
will  mean  some  kind  of 
networked  storage,  says 
Johna  Till  Johnson,  presi¬ 
dent  at  Nemertes  Re¬ 
search  and  a  Network 
World  columnist.  Many 
organizations  are  still  hob¬ 
bled  by  inefficient  storage 
architectures, she  says. 

Such  had  been  the  case 
at  American  Medical  Re¬ 
sponse  (AMR),  a  medical 
transportation  company 
in  Greenwood  Village, 

Colo.  “We  had  a  lot  of  the 
servers  here  in  our  data 
center  that  hadn’t  been 
moved  onto  the  SAN  and 
had  their  own  disk  array 
hanging  off  them.  They 
were  all  running  at  about 
40%  utilization,”  says 
Jason  Brougham,  enter¬ 
prise  network  manager  at  AMR.“That  means 
we  were  wasting  terabytes  worth  of  storage 
and  tens  of  thousands  of  dollars.  When  we 
combined  all  of  that  on  the  SAN  we  got  to 
pool  all  of  those  chunks  of  storage.  It’s  a  real 
cost  savings.” 

The  deciding  factor  on  storage  architec¬ 
ture  should  be  the  cost  to  manage  and 
maintain  it.  “NAS  can  be  trickier  to  manage 
in  some  cases,”  Johnson  says.  “Plus,  NAS  is 
generally  optimized  for  file  storage,  so  it’s 
great  for  archiving.  But  it  doesn’t  work  so 
well  for  database  access.You  have  to  look  at 
what’s  best  for  your  organization.” 

But  whatever  storage  architecture  you 
decide  on,  the  most  cost  savings  come  only 
when  it’s  implemented  beyond  the  individ¬ 
ual  department.  Johnson  recommends 
appointing  a  “storage  czar”  to  oversee  the 
corporation.“You  need  one  guy  in  charge, or 
at  least  you  want  to  get  everybody  together 
on  the  same  page  and  have  conversations 
about  this.  That’s  where  you  really  see  your 
costs  come  down,”  she  says. 

2.  Server  virtualization. 

Most  organizations  support  and  maintain  a 
slew  of  underutilized  application  servers. 

The  smart  moves  are  server  consolidation 
and  deployment  of  more-efficient  technolo¬ 
gies  such  as  blade  servers  or  virtualization 
software. 

AMR  has  seen  significant  cost  savings, 
especially  in  terms  of  hardware  and  mainte¬ 
nance,  by  implementing  blade  servers  and 
virtualization  from  EMC  business  unit 
VMware,  Brougham  says.  “With  blades  and 


server  virtualization,  you  quickly  find  that  one 
server  rack  can  almost  run  your  entire  company 
he  says.“It’s  hard  to  put  a  dollar  amount  on  it  since 
every  company  is  different.  But  I’d  say  that  from 
rack  space  alone  there’s  a  huge  savings.You  don’t 
have  to  cool  as  much  space,  and  you  don’t  need 
UPS  for  as  much.” 

But  as  with  storage,  there  are  caveats.  “With  vir¬ 
tualization  and  consolidation,  we’ve  got  database 
servers  with  nine  different  instances  on  them.  If 
the  SQL  server  engine  stops,  all  nine  databases 
stop.  So  change  management,  patch  manage 
ment,  regression  testing  —  all  of  that  stuff  be 
comes  more  critical,”  Brougham  says. 

3.  Data  center 
consolidation. 

Once  organizations  have 
consolidated  storage,  servers 
and  applications,  they  soon 
find  they  require  less  space  in 
their  data  centers  and  fewer 
data  centers.  That  leads  to 
some  smart  cost-conscious 
decisions  about  the  data  cen¬ 
ter  placement  and  equipment. 

With  broadband  becoming 
less  expensive  and  more  readi¬ 
ly  available,  organizations  can 
cut  costs  simply  by  locating 
their  data  centers  in  rural  areas 
with  less-expensive  real  estate, 
Johnson  says.  “Broadband’s 
getting  cheaper  and  real  estate 
is  always  getting  more  ex¬ 
pensive,  so  optimizing  the 
thing  that  costs  a  lot  but  is 
going  to  rise,  at  the  expense  of  the  thing  that’s 
decreasing  in  cost,  is  a  good  strategy 
Others  say  the  key  to  a  cost-effective  data  cen¬ 
ter  is  to  take  advantage  of  the  recent  economic 
downturn.  Steve  MacDonald,  CIO  at  Optimus 
Solutions,  a  value-added  reseller  in  Norcross, 
Ga.,  did  just  that  as  he  implemented  a  new 
7,000-square-foot  data  center.  The  company 
scoured  surplus  equipment  brokers  and  hit  a 
sweet  deal.  ‘A  very  large  network  carrier  had 
equipment  on  hand  from  a  data  center  that 
never  got  built  as  the  economy  soured,” 
MacDonald  says.  “We  found  the  company  that 
was  helping  unload  those  assets,  and  literally 
paid  nothing  per  square  foot  of  data  center.  We 
probably  saved  ourselves  easily  $50,000  or 
$60,000  in  materials  alone.  That  was  enormous 
cost  savings.” 

4.  Thin-client  computing. 

Moving  to  thin-client  computing  via  technolo¬ 
gies  such  as  Citrix  or  Web  services  also  cuts  data 
center  costs,  especially  in  terms  of  support, 
Brougham  says.  AMR  has  more  than  250  offices 
nationwide,  some  of  which  are  very  small. 
“When  you  have  an  office  of  eight  in  Mobile, 
Ala.,  and  your  closest  support  is  in  Atlanta,  it 
takes  days  for  somebody  to  get  out  there  and  fix 
a  desktop  issue  with  an  application  or  apply  the 
latest  patch,”  he  says. “But  with  thin  client,  you 
just  support  a  Web  browser  or  a  Citrix  client 
application  and  that's  it.  We  can  centrally  man¬ 
age  the  applications,  and  that’s  a  huge  savings.” 

Most  organizations  can  save  80%  of  their 
costs  simply  by  moving  to  Web  services, 
Johnson  says. 


5.  Open  source. 

As  organizations  begin  consolidating  applica¬ 
tions  in  the  new  data  center,  a  good  cost-saving 
strategy  is  migrating  to  Linux  on  an  application-by¬ 
application  basis.  The  more  applications  an  orga¬ 
nization  supports,  the  higher  its  costs,  Johnson 
says.“Organizations  should  be  looking  to  get  rid  of 
the  expensive,  cumbersome,  complex  apps,  and 
replacing  them  with  fewer,  easier-to-maintain 
apps.”  If  they  also  look  to  run  the  newer  applica¬ 
tions  on  Linux,  that  strategy  easily  can  reap  cost 
savings  of  about  80%  to  90%,  she  says. 

Brougham  offers  one  disclaimer:  “Linux  works 
fine,  and  you  don’t  have  to  spend  the  money  on 
an  [operating  system]  license.  But  you  still  need 
something  that’s  supportable,  with  a  maintenance 
contract  and  regular  patch  revisions  and  security 
revisions.  I  don’t  think  it’s  ready  to  handle  every¬ 
thing  yet.”  AMR,  he  says,  uses  Linux  on  about  10  of 
its  350  servers. 

6.  IP  telephony. 

At  Optimus,  MacDonald  has  reaped  a  good  deal 
of  savings  by  implementing  VoIP  on  its  campus¬ 
wide  network.  “Using  VoIP  between  PBXs,  we’re 
able  to  leverage  three  times  as  many  ports  per  line 
of  PBX,”  he  says.“And  it  actually  reduces  the  num¬ 
ber  of  skill  sets  we  need.  We  trained  our  data  spe¬ 
cialists  on  what  little  bit  of  PBX  they  needed  to 
know  and  did  away  with  the  requirement  to  have 
a  support  staff  dedicated  to  a  proprietary  PBX. We 
get  more  out  of  our  staff  as  a  result.” 

Pooling  resources  is  the  key  with  VoIRBrougham 
says.“Our  No.  1  cost-cutter  is  IP  telephone  he  says. 
“Once  you  build  this  next-generation  data  center 
and  all  of  this  wonderful  infrastructure,  you  can 
take  all  of  those  PBXs  you  had  in  your  remote 
locations,  consolidate  them  into  a  large  IP  tele¬ 
phony  implementation  and  pool  long-distance, 
local  services,  voice  mail  services  —  and  the  sup¬ 
port  of  those.  That’s  when  you  really  start  saving 
the  money’ 

7.  Autonomic  computing. 

Another  key  to  cost  savings  is  data  center 
automation,  including  items  such  as  application 
provisioning,  patch  management  and  security 
alerting.  Concentrating  on  those  areas  can  help 
you  support  new  applications  and  initiatives  while 
keeping  staffing  levels  the  same,  MacDonald  says. 

“We  look  at  cost  reduction  from  a  manpower 
standpoint,”  he  says.“We’re  focusing  on  getting  a 
greater  degree  of  sophistication  in  systems  moni¬ 
toring  and  systems  notifications  via  the  NetlQ 
application  manager  platform” 

Also  under  evaluation  are  patch  management 
tools  from  St.  Bernard  Software  and  Microsoft’s 
upcoming  Windows  Update  Server,  he  says.  “The 
whole  idea  is  to  reduce  the  amount  of  activity  of 
the  IT  staff,  taking  something  that  probably  took 
three  to  eight  hours  in  the  past  and  reducing  it 
down  to  about  an  hour  of  quick  testing  and  eval¬ 
uation  prior  to  rolling  out  a  new  patch.” 

Implementing  any  of  these  technologies  will 
slash  data  center  costs. “A  good  rule  of  thumb  is 
that  people  should  do  something  in  IT  if  the  cost 
savings  is  25%  or  more  compared  to  what  they’re 
currently  doing,”  Johnson  says.  “And  all  of  these 
things  will  give  you  at  least  a  25%  cost  savings.” 

Cummings  is  a  freelancer  writer  in  North 
Andover,  Mass.  She  can  be  reached  at 
jocummings@comcast.  net. 


Maximum  mobility  equals  maximum  productivity. 

And  Intel’  Centrino  mobile  technology  is  designed  from  the 
ground  up  for  mobile  computing.  It  enables  extended  battery 
life  in  a  new  generation  of  thin,  light,  wireless  laptops. 
And,  Intel  works  closely  with  industry  leaders  to  support  a  wide 
range  of  wireless  security  solutions,  it’s  all  about  mobility. 
Unwire  your  company  at  intel.com/business. 

TECHNOLOGY 

Integrated  wireless. 

No  need  to  deal  with 
adapter  cards. 


Power  conserving. 

Advanced  technology  enables 
extended  battery  life. 


Thin,  light  designs. 

Light  briefcases  mean 
happy  users. 


High  performance. 

Power  to  run  the  most 
demanding  applications. 


Wireless  connectivity  and  some  features  may  require  you  to  purchase  additional  software,  services  or  external  hardware.  System  performance,  battery  life,  wireless 
performance  and  functionality  will  vary  depending  on  your  specific  hardware  and  software  configurations.  See  http://www.intel.com/products/centrino/more_info  for 
more  information.  ©2004  Intel  Corporation.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  the  Intel  Centrino  logo,  and  Intel  Centrino  are  trademarks  or  registered  trademarks 
of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  All  rights  reserved. 


'ZfjEZ 


A\\ 

\  \  \  \  1  ’  1  1  1 


THE 


IRON  EDGE 


X-SERIES  1GGBE  SWITCHES 


Breakthrough, 
Industry- Leading 
1  GGbE  Pricing 


Industry’s  Only  Complete, 
Front-Accessible  Compact 
1  DGbE  Edge  Switches 


Integral  Hot- 
Swappable  AC  <&  DC 
Power  Supplies  for 
Redundancy  and  High 
Availability 
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Advanced  Layer  2 
Upgradeable  to  Full  Layer  3, 
Including  RIP,  QSPF,  BGP,  PIM-| 
DM,  PIM-SM,  DVMRP, 

AND  I  E  M  P 


Extensive  Security  and  DoS 
Protection  Capabilities 
Including  BD2. 1  x  and  MAC 
Authentication,  Dynamic  VLAN 
and  Security  Policies,  ACLs, 
and  Advanced  Network 
Monitoring 


Network  Goes 


Faster.  Budget  Goes  Farther. 


Fastlron  Edge  X-Series  switches  let  you  do  more  with  less — less  size,  less 
money,  yet  more  capability.  Compact  form.  Immense  capabilities,  10  Gigabit 
Ethernet  performance  from  edge  to  core  at  a  price  you  can  afford.  They  are 
purpose-built  to  deliver  wire-speed  Gigabit  and  10  Gigabit  Ethernet  performance  to  workgroup, 
server  farm,  edge  aggregation,  small/medium  enterprise  backbone,  and  cluster  computing 
networks  at  prices  that  bring  the  power  and  scalability  of  10  Gigabit  Ethernet  within  reach  for 
enterprises  large  and  small.  Fastlron  Edge  X-Series  switches  deliver  24  or  4<S  ports  of 
10/100/1000  with  4  combo  SFP  ports,  plus  optional  I  or  2  ports  of  1 1 >GbE.  Fastlron  Edge  X- 
Series  switches  give  you  the  lowest  total  cost  of  ownership  and  the  best  investment  value  of  any 
comparable  switch  on  the  market.  Get  a  competitive  edge — get  a  Fastlron  Edge  X-Series  switch. 
Call  1  .888.7  UK BOL AN  (I  )irect  + 1  408.586. 1 700)  or  wwv.foundrYiictwoiks.com  fox 
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NetworkWorld 


■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


ZigBee  enables  wireless  embedded  nets 


■  BY  ZACHARY  SMITH 

Wireless  embedded  networks  hold 
great  promise  for  deployment  in  residen¬ 
tial  and  commercial  building-automa¬ 
tion,  industrial  plant  monitoring,  and 
other  wireless  sensing  and  control  appli¬ 
cations.  An  association  of  corporations 
called  the  ZigBee  Alliance  is  developing 
a  standard  for  low-cost,  low-power  wire- 
leas  embedded  networking. 

Version  1  of  the  ZigBee  specification  is 
set  for  release  in  the  fourth  quarter,  and  a 
number  of  platforms  based  on  the  stan¬ 
dard  are  expected  to  be  available  around 
the  same  time.  The  specification  provides 
network  and  application  support  services 
operating  on  top  of  the  IEEE  802.15.4  stan¬ 
dard  of  the  media-access  control  layer  and 
physical  layer.  ZigBee  software  may  be 
implemented  in  microcontrollers  for 
802.15.4  radio  chips. 

The  software  employs  a  suite  of  tech¬ 
nologies  to  enable  scalable, self-organizing, 
self-healing  networks  that  can  manage  a 
variety  of  traffic  patterns.  The  standard  is 
well-suited  to  applications  such  as  lighting, 
heating  and  cooling  controls;  industrial 
building  and  automation;  and  medical 
device  monitoring.  The  ZigBee  Alliances 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr@nww.com). 


■  HOW  IT  WORKS 


ZigBee 

ZigBee  facilitates  wireless  embedded  networks. 
Devices  organize  themselves  into  a  hierarchical 
network  around  a  ZigBee  coordinator.  Routing  may 
follow  the  hierarchy  or  choose  optimized  paths. 


O  The  ZigBee  coordinator  establishes 
the  network  and  sets  the 
operational  parameters  for  it. 

©  ZigBee  routers  join  the  network 
by  associating  with  the  ZigBee 
coordinator  or  with  other  ZigBee 
routers  that  have  already  joined. 

©  End  devices  may  connect  with  any 
ZigBee  router  or  the  ZigBee 
coordinator. 

0  Message  traffic,  by  default,  follows 
a  tree-routing  path. 

©  Routers,  if  they  have  the  capacity, 
also  may  discover  optimized 
routes  to  a  given  destination  and 
store  them  for  later  use  in  routing 
tables. 


Source 


Destination 


O  ZigBee  coordinator 
Q  ZigBee  router 
Q  ZigBee  end  device 


long-term  goal  is  to  enable  a  scalable,  low- 
cost,  embedded  infrastructure  based  on 
interoperable  platforms  and  profiles  that 
will  let  devices  communicate  in  ways  that 
have  been  impractical  until  now. 

The  ZigBee  standard  defines  three  types 
of  devices:  ZigBee  coordinator  devices, 
ZigBee  router  devices  and  ZigBee  end  de¬ 
vices.  Every  network  must  contain  only  one 
ZigBee  coordinator. 

The  primary  responsibility  of  the  coordi¬ 
nator  is  to  set  up  the  parameters  for  build¬ 
ing  a  network  and  to  start  that  process, 
including  choosing  a  radio-frequency 
channel,  a  unique  network  identifier  and  a 
set  of  operational  parameters. 


ZigBee  routers  can  be  used  to  extend  the 
range  of  a  network  by  acting  as  relays 
between  devices  that  are  too  far  apart  to 
communicate  directly 

ZigBee  end  devices  do  not  participate  in 
routing. 

All  these  devices  can  take  on  other  roles 
an  application  requires. 

As  routers  and  end  devices  are  integrated 
into  a  network,  they  obtain  information 
about  the  network  from  the  coordinator  or 
from  any  router  that  already  has  joined. 
This  information  lets  other  devices  set  their 
operational  parameters  to  reflect  those  of 
the  network,  and  so  join  it. 

A  ZigBee  router  is  given  a  block  of  net¬ 


work  addresses  to  subdivide  and  distrib¬ 
ute,  and  when  a  wireless  device  or  other 
end  device  joins  the  network.it  is  given  one 
of  these  addresses. 

A  ZigBee  router  uses  tree  routing,  which 
takes  advantage  of  the  tree-structured 
addressing  in  making  routing  decisions. 
With  tree  routing,  a  device  does  not  have  to 
maintain  memory-intensive  routing  tables 
or  perform  any  additional  over-the-air  oper¬ 
ations  to  discover  routes,  hence  minimiz¬ 
ing  network  traffic. 

But  tree  routing  follows  the  structure  of 
a  tree  rather  than  taking  the  shortest  path, 
and  routes  that  are  longer  than  necessary 
generate  extra  traffic  and  are  more  likely 
to  fail. 

To  improve  routing  efficiency,  the  ZigBee 
algorithm  also  lets  routers  discover  short¬ 
cuts.  Each  router  that  wishes  to  exploit 
shortcuts  must  maintain  a  table  containing 
pairs  of  the  form  D,N,  in  which  D  is  a  desti¬ 
nation  address  and  N  is  the  address  of  the 
next  device  on  the  path  to  that  destination. 
The  rule  for  routing  is  simple, “if  you  have  a 
shortcut  use  it,  otherwise  use  the  tree.” 

The  simple  request/response  protocol 
whereby  shortcuts  are  discovered  under 
ZigBee  is  derived  from  a  routing  algorithm 
called  the  Ad  hoc  On  Demand  Distance 
Vector. 

ZigBee  networks  are  simple  to  install 
because  they  form  autonomously  Further¬ 
more,  the  combination  of  tree  routing  and 
table-driven  routing  provides  an  opera¬ 
tional  flexibility  and  a  range  of  price/per¬ 
formance  options  to  developers  that  sup¬ 
port  the  ZigBee  Alliance’s  goals  of  low-cost 
scalable  network  infrastructure. 

Smith  is  chief  software  architect  at  Ember. 
He  can  be  reached  at  zachary@ember.com. 


Dr.  Internet  By  Steve  Blass 

Can  we  disable  delivery  of  Windows  XP  Service 
Pack  2  through  Automatic  Updates  and  Windows 
Update  without  blocking  the  delivery  of  other 
critical  security  updates? 

Microsoft  disabled  XP  SP2  updates  for  120  days 
starting  Aug.  16  because  many  companies  wanted 
to  test  the  service  pack  before  it  got  automatically 
installed.  Update  control  tools  are  available  at 
www.nwfusion.com,  DocFinder:  3432.  Each  tool 


uses  a  different  method  to  create  a  new  registry 
key  —  “HKLM\Software\Policies\Microsoft 
Windows\WindowsUpdate”  with  the  value 
“DoNotAllowXPSP2."  There  is  a  template  for  com¬ 
panies  that  have  implemented  Active  Directory- 
based  Group  Policy  that  centrally  disables  and 
enables  delivery  of  SP2.This  tool  kit  includes  soft¬ 
ware  that  can  run  on  individual  PCs  for  companies 
that  don’t  use  Active  Directory  Group  Policy.  A 
sample  script  that  accepts  a  machine  name  as  a 


parameter  is  provided  to  support  execution 
through  logon  scripts  or  remote  script  execution 
commands.  A  sample  e-mail  containing  an  update 
control  URL  is  provided  so  users  can  disable  and 
re-enable  SP2  updates  through  a  Web  browser 
(DocFinder:  3433). 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.iriternet@ 
changeatwork.  com. 
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In  the  litany  of  connectivity  technologies 
that  have  transformed  the  way  we  work, 
one  of  the  most  profound  has  been 
USB. While  the  standard  isn’t  perfect  it  man¬ 
ages  to  simplify  some  aspects  of  connect¬ 
ing  peripherals  such  that  you  might  won¬ 
der  how  you  ever  did  without  it. 

Of  course,  there’s  no  technology  perfect 
enough  to  prevent  its  implementation 
under  Windows  from  being  really  crummy 
We  just  went  through  a  ridiculous  num¬ 
ber  of  hoops  to  get  our  Sharp  Zaurus  5500 
PDA  updated,  and  the  cause  of  much  of 
our  frustration  was  the  interminable  re 
boots  that  Windows  requires.  It  seemed  like 
every  time  we  did  what  should  have  been 
a  minor  change  we  sat  there  watching  yet 
another  reboot. 

To  be  fair,  Sharp  hasn’t  done  a  sterling  job 
on  the  process  for  updating  the  Zaurus  — 
the  company  has  made  it  complicated. 
Product  management  is  turning  into  a  for¬ 
gotten  and  dying  art. 

Product  management  is  about  bridging 
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Product  management  nays,  USB  server  yays! 


the  gap  between  the  sometimes  conflicting 
needs  of  engineering  and  marketing  with 
the  goal  of  providing  sales  departments 
with  the  products  they  can  sell.  This 
requires  product  managers  to  look  at  prod¬ 
ucts  critically  to  see  whether  they  fit  in  with 
the  expectations  of  purchasers  and  end 
users. 

Product  managers  have  to  cast  a  jaun¬ 
diced  eye  on  the  cool  stuff  that  the  code 
cutters  and  hardware  jockeys  create  to  en¬ 
sure  that  a  product  is  what  was  planned. 

We  get  to  talk  to  product  managers  a  lot, 
and  over  the  years  there  seems  to  have 
been  a  slow  and  inexorable  slide  away 
from  product  expertise.  It  now  has  reached 
the  point  where  a  technical  conversation 
with  the  average  product  manager  either 
leaves  you  with  a  headache  or  the  disturb¬ 
ing  sensation  that  you’ve  just  lost  a  few 
points  from  your  IQ. 

Anyway,  the  reason  that  we  decided  to 
grapple  with  our  Zaurus  was  that  not  only 
did  it  need  updating  but  also  we  wanted  to 
test  a  cool  USB  product.The  Zaurus,  having 
a  USB  interface  for  syncing  with  Outlook 
and  exchanging  files  with  a  PC  or  Mac,  was 
a  fine  test  bed. 

So  once  we  had  beaten  the  Zaurus  into 
shape,  we  could  turn  our  attention  to  this 
week’s  topic: The  Keyspan  USB  Server. 


This  product  is  unique  as  far  as  we  can 
determine.  It  provides  four  full-speed 
(12M  bit/sec),  powered  (500mA)  USB  1.1 
ports  that  are  accessible  across  an 
Ethernet  network. 

Using  a  standard  USB  hub  you  can  place 
your  hub,  at  most,  15  feet  from  your  PC. 
Using  the  Keyspan  USB  Server  you  can 
connect  to  USB  devices  anywhere  on  your 
network. The  only  limitation  is  in  the  types 
of  devices  the  server  supports. 

The  current  release  lets  you  connect  to 
USB  printers,  USB  multi-function  printers, 
USB  scanners  and  USB  human  interface 
devices  (including  mice  and  keyboards). 
Unsupported  devices  include  USB  hubs,  as 
well  as  USB  audio  and  video  products. 

Getting  the  server  running  is  an  easy  no¬ 
reboot  process  that  installs  a  new  USB  Hub 
driver  on  your  PC  along  with  a  utility  that 
finds  and  manages  connections  to  the  USB 
Server  (PC  and  Mac  both  are  supported). 
The  utility  is  called  Keyspan  USB  Server. 
(Why  call  the  client-side  software  the  same 
name  as  the  hardware?  Sigh.) 

The  Keyspan  USB  Server  (software)  is 
first  used  to  configure  the  hardware  serv¬ 
er’s  name,  IP  address  scheme  (Dynamic 
Host  Configuration  Protocol,  static  or 
Rendezvous,  otherwise  known  as  zero-con- 
figuration  networking,  a  standard  we’ll  dis¬ 


cuss  next  week),  administrator  password, 
server  mode  (single-  or  multiple-user)  and 
port  to  be  used. 

By  default,  the  Keyspan  USB  Server  uses 
User  Datagram  Protocol  and  TCP  on  Fbrt 
3842  so  you  will  need  to  configure  any 
firewalls  between  the  server  and  your  PC. 
From  your  PC  you  can  connect  to  as  many 
as  eight  USB  Servers  on  a  single  port;  to 
connect  to  the  next  eight  the  servers  will 
have  to  use  a  different  port. 

To  access  a  device  attached  to  a  USB 
Server  you  run  the  client-side  USB  Server 
software  and  can  browse  a  list  of  the  con¬ 
nected  devices  on  each  server  on  your  net¬ 
work.  Any  devices  not  in  use  by  other  peo¬ 
ple  can  be  connected  to,  at  which  point 
your  PC  will  take  over  and  “recognize”  the 
attachment  of  a  new  USB  device. 

After  that,  the  entire  system  is  completely 
transparent.  We  synced  our  Zaurus,  ran  the 
Zaurus’  IP  over  USB  software  and  connect¬ 
ed  to  a  variety  of  other  USB  devices,  all 
without  any  problems.The  Keyspan  USB 
Server  costs  $130  but  we’ve  seen  it  priced 
closer  to  $100. 

An  outstanding  device.  Highly  recom¬ 
mended. 

Connect  remotely  to  gearhead@gibbs. 
com. 


Cool 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


The  scoop:  Averatec  6200  series  note¬ 
book,  from  Averatec,  about  $1,250 

What  it  does:  Averatec  bills  its  6200  series 
notebook  as  mobile  theater,  as  this  device 
looks  more  like  a  large  portable  DVD 
player  than  a  computer  notebook.  In 
fact,  that’s  one  of  its  selling  points 
—  the  ability  to  play  DVD 
movies  or  audio  CDs  without 
users  having  to  boot  up  their 
operating  systems.  In  this 
mode,  watching  a  movie  or  lis¬ 
tening  to  music  is  controlled  by  The  Averatec  6200  makes  it 
an  infrared  remote  control,  easy  to  watch  a  movie  or  lis- 
which  conveniently  fits  inside  ten  to  a  CD. 
the  PC  card  slot.  The  notebooks 
15.4-inch  TFT  widescreen  display  helps  in  watching 
widescreen  DVD  movies,  and  Averatec  says  you  can  watch 
three  90-minute  movies  with  the  device  when  on  battery 
power. 

Because  this  is  a  notebook,  you  can  boot  up  the  system 
and  get  some  work  done  when  you  get  sick  of  watching 
movies.The  notebook  runs  on  an  Advanced  Micro  Device 
Athlon  XP-M  2400+  processor,  has  512M  bytes  of  RAM,  a 
60G-byte  hard  drive, and  802.1  lg  wireless  LAN  connectivity 

Why  it’s  cool:  Booting  up  the  operating  system  to  watch  a 
movie  on  a  plane  or  listen  to  a  CD  always  has  seemed  to 
take  too  much  energy  and  also  seems  to  waste  power, so  we 


like  how  these  functions  can  be  handled  without  having  to 
load  up  Windows  (take  that,  Microsoft!).  The  6200  series 
notebook  has  a  great  display  (very  bright  when  on  AC 
power), the  keyboard  has  a  great  tactile  feel, and  the  remote 
is  very  easy  to  use.  It  was  odd  to  find  the  Ethernet  port, 
modem  port  and  USB  ports  (two  on  each  side)  on  the  side 
of  the  computer,  as  the  notebook’s  battery  took  up 
the  back  end.  At  6.2  pounds,  it’s  a  little 
heavier  than  a  typical  traveling  notebook. 
But  we  can  see  using  it  as  a  portable  DVD 
player  more  often  than  using  our  other 
computers  that  have  DVD 
drives. 

Grade:  kkkk  (out 
of  five) 


The  scoop:  LG 
VX7000  (Verizon 
Wireless  exclusive),  from 
LG,  about  $180  (after  rebates 
with  two-year  agreement) 

What  it  does:  The  successor  to 
the  VX6000  model,  the  VX7000  is  the 
phone  to  have  if  you  don’t  have  a  smart 
phone/PDA  but  still  want  more  features  than 
just  a  phone  that  makes  calls.  Key  to  the  extra 
features  is  a  video/camera  phone  with  an  inte¬ 
grated  flash.  The  camera  feature  lets  you  take 
still  images,  or  videos  up  to  15seconds.You  can 
send  those  messages  over  Verizon’s  CDMA  lx 
wireless  network  to  other  phones  or  e-mail 
addresses.  The  clamshell-style  phone  has  two 
color  displays,  one  external  (96  by  96  pixels,  4,096 
colors  supported),  which  shows  signal  strength,  bat¬ 
tery  lifetime  and  date; and  an  internal  display  (176  by  220 
pixels, 262,000  colors  and  1 1  lines  of  text  supported) .When 
a  call  comes  in,  the  external  display  can  show  caller  ID 
data,  including  the  photo  of  the  person  calling  (if  you  have 


taken  their  photo  beforehand). A  five-way  navigation  button 
and  backlit  keypad  add  to  the  coolness  of  the  phone. 

Why  it’s  cool:  I’ve  had  my  current  cell  phone  for  about 
18  months,  despite  having  lost  it  twice  (once  at  Universal 
Studios  in  Orlando,  once  in  my  car).  I  have  been  very 
happy  with  that  phone,  until  I  tried  the  VX7000.In  the  past 
two  years,  the  technology  has  leapt  forward  immensely 
and  you  would  have  thought  my  old  cell  phone  was  a  6- 
pound  brick  with  a  rotary  dial.  More  impressive  to  me 
than  the  camera  features  was  how  much  the  interface  has 
improved.  Accessing  all  the  features,  such  as  text  and 
photo  messaging,  downloading  ring  tones,  games  and 
adding  contacts,  is  about  10  times  easier  than  it  is 
with  my  current  phone.  Downloading  things  over 
Verizon’s  CDMA  lx  wireless  network  seems  faster  as 
well,  and  several  applications  include  much  better 
animation  than  my  current  phone. The  best  part  is 
that  battery  life  is  much  longer  than  my  current 
phone’s  battery  life.  (Verizon  claims  up  to  198 
minutes  of  talk  time,  and  up  to  180  hours  of 
standby  time.)  We  normally  don’t  go  for  more 
than  a  day  or  two  with  our  current  phone 
before  hooking  it  up  to  the  charger  —  with  the 
VX7000  we  didn’t  worry  for  at  least  four  or 
more  days. 

So  if  I  lose  my  current  phone  again, 
chances  are  I’ll  be  picking  up  a  VX7000  to 
replace  it.  Heck,  I  might  even  purposely 
ose  it. 

Grade:  kkirki 

Shaw  can  be  reached  at 
kshaw@nww.  com 


The  LG  VX7000  has 
a  user-friendly 
interface  and  long 
battery  life. 
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Should  companies  outsource 
their  e-mail  security? 


Industry  insiders  debate  whether  it's  best  to  handle  e-mail  security  in-house  or  use  a  service  provider. 


Yes,  Dan  Nadir,  FrontBridge 


ompanies  need  a  reliable  way  to  secure  their  messaging  infrastructure  from 
the  negative  financial  and  productivity  effects  of  spam,  viruses  and  network 
outages. Today,  they  have  two  primary  options:  install,  maintain  and  manage 
an  internal  solution,  or  outsource  the  management  of  their  e-mail  infrastruc¬ 
ture  to  a  managed  service  provider. 

Premises-based,  or  in-house,  message  management  requires  that  internal  IT  depart¬ 
ments  spend  time  and  money  to  combat  spam  and  viruses.  Building  and  then  scaling 
the  solution  is  limited  by  budget  constraints,  and  capacity  planning  is  extremely  diffi¬ 
cult  because  of  the  unpredictable  volume  and  impact  of  spam  and  virus  threats. 
Furthermore,  with  an  in-house  e-mail  security  system,  IT  professionals  bear  sole  respon¬ 
sibility  for  maintaining  infrastructure,  installing  and  updating  spam  filters  and  virus  def¬ 
initions,  and  enforcing  policy. 

By  comparison,  outsourced,  or  perimeter-based,  message  management  services  are 
designed  to  ensure  the  integrity  and  security  of  e-mail  before  it  enters  corporate  network 
infrastructures,  without  scalability  worries.The  service  delivery  model  requires  no  capital 
outlay,  and  covers  all  maintenance  and  upgrade  responsibilities  and  costs.  Outsourcing 
provides  companies  with  protection  that  is  up  to  date  and  available  24-7,  even  as  new 
spam  and  virus  techniques  are  introduced.  And  in  the  event  of  a  major  outage,  managed 
service  providers  can  securely  queue  e-mail  in  multiple  locations  and  resume  delivery  as 
soon  as  the  local  network  and  servers  are  operational. 

Outsourcing  e-mail  security  for  external  Internet  email  is  no  more  risky  than  “outsourc¬ 
ing”  overnight  packages  to  a  delivery  service  such  as  FedEx  or  UPS. Yet,  no  company  seri¬ 
ously  contemplates  bringing  package  delivery  “in-house”  and  taking  on  a  fleet  of  jets  and 
delivery  personnel. 

Some  managed  email  security  providers  layer  on  more  security  via  encryption  (using 
protocols  such  as  Transport  Layer  Security)  than  the  email  would  have  if  it  were  delivered 
without  a  security  provider. 

For  network  managers,  the  decision  to  outsource  any  function  is  based  on  the  interplay 
of  three  primary  criteria:  control,  performance  and  cost  containment.  Managed  email  ser¬ 
vices  provide  IT  managers  with  the  control  they  require,  and  remove  the  admin¬ 
istrative  overhead  of  managing  and  scaling  the  system.  Performance  is  guaran¬ 
teed  by  servicelevel  agreements  that  deliver  more  than  99.999%  reliability 
And  finally,  with  managed  services,  costs  remain  fixed  over  time. 

Spam  is  more  than  a  time-consuming  annoyance, and  its  presence  threat¬ 
ens  productivity  and  jeopardizes  business  goals.  Managed  e-mail  service 
providers  are  the  answer  to  e-mail  security  because  they  block  viruses  and  spam 
before  they  enter  a  company’s  network  with  little  to  no  administrative  effort 
required  by  an  already  overtaxed  IT  department. 


No,  Paul  Judge,  CipherTrust 


More  online! 


Nadir  is  vice  president  of  product  management  for  FrontBridge 
Technologies,  an  enterprise  message  management  services  provider 
in  Marina  del  Rey,  Calif.  He  can  be  reached  at  dan@frontbridge.com. 


Log  on  to  Network  World  Fusion  to  voice  your  opinion 
Face-off  authors  Dan  Nadir  and  Paul  Judge  will  add 
their  thoughts  to  the  discussion. 
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-mail  security  consists  of  five  critical  components:  spam  and  fraud  prevention; 
virus  and  worm  protection;  policy  and  content  compliance;  e-mail  privacy;  and 
intrusion  prevention.  Managed  service  providers  address  only  two  of  these 
components: spam  and  viruses. Deciding  to  use  a  managed  service  rather  than 
handling  e-mail  security  in-house  means  leaving  your  organization  vulnerable 
to  threats  that  include  policy  violations,  fraud,  eavesdropping  and  intrusions. 

Anti-spam  technology  has  come  a  long  way  Two  years  ago,  products  competed  strictly 
on  effectiveness.  Six  months  later,  false-positives  raised  concerns,  and  products  began  to 
compete  on  accuracy  A  year  ago,  the  administration  of  anti-spam  point  products  became 
a  hot  topic.  Today  companies  demand  anti-spam  products  yielding  high  effectiveness, 
maximum  accuracy  and  low  administration,  which  both  the  top  managed  services  and 
in-house  offerings  can  deliver. 

Much  like  anti-virus,  anti-spam  is  becoming  a  commodity  Everyone  needs  it;  both  man¬ 
aged  services  and  in-house  solutions  offer  it.  But  the  responsibility  of  an  email  security 
provider  does  not  end  with  anti-spam  and  anti-virus.  In  fact,  it’s  just  the  beginning. 

While  managed  services  claim  to  have  policy  enforcement  capabilities,  companies 
require  much  more  robust  capabilities  than  providers  offer.  E-mail  security  products  must 
be  able  to  prevent  content  and  policy  violations  for  inbound  and  outbound  traffic,  and 
provide  comprehensive  content  filtering,  monitoring  and  reporting  capabilities.  Only  in- 
house  offerings  provide  this  level  of  policy  and  content  compliance.  If  your  e-mail  secu¬ 
rity  provider  isn’t  equipped  to  recognize  and  prevent  policy  and  content  violations,  you 
don’t  really  have  e-mail  security 

E-mail  privacy  is  becoming  a  critical  requirement  for  organizations  concerned  with 
intellectual  property  theft,  eavesdropping  and  regulatory  compliance.  And  as  e-mail  has 
been  progressively  more  subject  to  snooping  and  other  fraudulent  activities, organizations 
are  prone  to  new  threats,  and  can  run  afoul  of  government  and  industry  regulations. 
Protecting  e-mail  in  transit  is  no  longer  just  an  option  for  organizations;  it  is  a  necessity 
Again,  in-house  e-mail  security  products,  not  managed  services,  bring  this  expertise  to  the 
table.  If  your  e-mail  security  provider  cannot  provide  encryption  capabilities,  you  don’t 
really  have  e-mail  security 

Lastly  managed  services  cannot  provide  intrusion  prevention  for  e-mail 
systems.  Properly  architected  in-house  offerings  act  as  a  single,  protected 
gateway  to  defend  against  threats  and  intrusions  targeted  at  the  e-mail  sys¬ 
tem,  utilizing  an  e-mail  firewall  and  intrusion-prevention  capabilities  to 
protect  against  attacks.If  your  e-mail  security  provider  cannot  protect  your 
company  from  attacks,  including  denial-of-service  and  buffer  overflows, you 
don’t  have  e-mail  security. 

While  some  organizations  may  outsource  anti-spam  and  anti-virus 
protection,  no  organization  can  outsource  its  e-mail  security 


Judge  is  CTO  for  CipherTrust,  a  global  e-mail  security  company  in 
Atlanta.  He  can  be  reached  at  pqjudge@ciphertrust.com. 
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ON  TECHNOLOGY 

John  Dix 

RFI  for  IP  PBX 
vendor 
showdown 

The  Voice  on  the  Net  show  is  always  a  good  place  to 
call  IP  PBX  players  on  the  carpet  to  challenge  their 
marketing  claims  and  get  them  to  try  to  spell  out 
how  they  are  different. 

We’ve  hosted  four  Network  World  Showdowns  at  VON 
over  the  years,  examining  everything  from  basic  IP  PBX 
architectures  to  the  question  of  whether  IP  Centrex  is  a 
meaningful  alternative  to  rolling  your  own. 

At  VON  this  fall  in  Boston  we  are  going  to  change  the 
approach  a  bit  to  stir  things  up.  Instead  of  our  usual  presi¬ 
dential-style  debate,  we  are  inviting  six  vendors  to  come 
prepared  to  discuss  a  request  for  information  (RFI)  and 
why  their  offering  is  better  than  those  proposed  by  their 
brethren. 

The  vendors  invited:  Avaya,  Cisco,  Lucent,  Mitel,  Nortel 
and  3Com  (please  confirm  by  Sept.  27).  While  most  of 
these  companies  are  prominent  in  the  VoIP  world,  why 
Lucent?  The  company  recently  re-entered  the  enterprise 
VoIP  market  by  combining  some  of  its  own  technology 
with  that  of  OEMs,  and  as  a  $8.5  billion  communications 
giant,  we  need  to  know  if  it  is  going  to  be  a  player. 

They  will  discuss  an  RFI  for  a  hypothetical  company 
with  a  New  York  headquarters  with  400  stations  and  five 
T-l  trunks;  a  branch  office  in  Hoboken,  N.J.,  with  10  sta¬ 
tions,  five  analog  lines  and  T-l  access;  and  a  branch 
office  in  Bakersfield,  Calif.,  with  10  stations,  five  analog 
lines  and  DSL. 

While  the  company  wants  to  know  how  much  it  will 
cost  for  a  VoIP  solution,  it  is  primarily  interested  in  what 
productivity  gains  it  can  expect  and  how  the  system  will 
support  emerging  technologies  such  as  Wi-Fi  phones  and 
the  ability  to  detect  and  take  advantage  of  presence. 

Each  vendor  will  be  given  5  minutes  to  walk  us  through 
an  architectural  slide  and  a  benefits  slide,  and  then  will 
field  5  minutes  of  questions  from  yours  truly  and  Carl 
Ford,  a  long-time  industry  veteran  and  VON’s  vice  presi¬ 
dent  of  community  development. 

We  also  will  ask  one  vendor  to  chime  in  on  each  review, 
with  the  sequence  for  that  picked  in  a  random  draw 
before  the  event  starts. 

While  that  will  eat  up  the  bulk  of  our  allotted  time,  each 
vendor  also  should  come  prepared  with  a  question  for 
one  of  the  other  players  for  a  rapid-fire  give-and-take  at 
the  end  of  the  session.  If  time  permits,  we  also  will  throw 
it  open  to  questions  from  the  audience. 

So  please  join  us  Wednesday,  Oct.  20,  from  2:45  to  4  p.m. 
at  the  Fall  2004  VON  Conference  &  Expo  at  the  Hynes 
Convention  Center  in  Boston.  (See  www.von.com  for 
details.) 
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Creating  a  monster 

Regarding  Mark  Gibbs’  BackSpin  column  “Franken- 
soft:  The  monster  we  made”  (www.nwfusion.com, 
DocFinder:  3425):  From  1978  to  1993  1  was  an  Apple 
dealer.  I  saw  the  best  of  times  and  the  worst  of  times. 

The  dominance  of  Microsoft  is  as  much  the  fault  of 
Apple  as  it  is  the  buyers  who  could  not  look  beyond 
the  letters  IBM.  Had  Apple  not  been  so  incredibly 
brilliant  (taking  new  ideas  and  building  products 
around  them),  disgustingly  arrogant  (making  sure 
that  everyone  knew  how  brilliant  they  were)  and 
perpetually  rudderless  (not  keeping  a  marketing 
plan  or  CEO  for  more  than  10  minutes),  we  would 
not  be  in  the  Microsoft  swamp  today 

Vern  Mastel 
Technology  coordinator 
Bismarck  Veterans  Memorial  Public  Library 

Bismarck,  N.D. 

More  power  to  you 

Regarding  Mark  Gibbs’  Gearhead  column  “Net¬ 
working  your  garden”  (DocFinder:  3426):  I  have 
been  running  an  extensive  X-10  remote-control  sys¬ 
tem  in  my  various  residences  for  the  past  20  years. 
The  main  reason  X-10  communication  is  not  always 
reliable,  something  that  Gibbs  does  not  cover  in  his 
column,  is  that  we  have  two  separate  1 1 7V  AC  power 
circuits  (phases)  in  our  homes. 

Residential  power  is  supplied  from  the  secondary 
winding  of  a  local  utility  transformer  as  a  three-wire, 
234V center-tapped  feed,  where  the  center  tap  is  con¬ 
nected  to  earth  ground.  Half  the  residential  1 17V  AC 
outlets  and  lights  are  fed  from  ground  and  one  side 
of  the  234V  power  line,  while  the  other  half  of  the  cir¬ 
cuits  are  fed  from  ground  and  the  other  side  of  the 
234V  line. 

E-mail  letters  to  jdix@nww.  com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  uerification. 


The  high-frequency  signals  (around  100  KHz)  that 
X-10  uses  do  not  travel  well  from  one  side  of  the 
234V  power  line  to  the  other. This  has  caused  many 
users  to  consider  X-10  unreliable. 

The  solution  is  to  install  a  0.1-  or  0.01-microfarad 
ceramic  disc  capacitor  inside  the  electric  panel  be¬ 
tween  the  two  hot  sides  of  the  power  line.  Installing 
the  capacitor  between  two  adjacent  breakers  that 
are  on  opposite  power  phases  can  easily  do  this. 
(The  two  power  distribution  strips  in  the  panel 
underneath  the  breakers  make  a  zigzag  down 
through,  so  the  phases  alternate  with  each,  or  with 
every  second,  breaker  slot.)  Such  a  disc  capacitor 
should  have  a  minimum  600V  rating,  preferably 
1000V  You  can  find  one  at  Radio  Shack. 

Once  the  capacitor  has  been  installed,  the  X-10 
high-frequency  signal  will  be  bridged  between  the 
two  power  phases,  and  your  household  X-10  system 
will  work  much  better.  You  won’t  have  to  hunt 
around  anymore  for  an  AC  outlet  that  is  on  the  right 
power  phase  for  it  to  work  reliably  Also,  do  not  plug 
X-10  devices  into  the  high-end  type  of  power  bar  that 
has  built-in  power-line  filtering,  because  this  will 
attenuate  the  X-10  signal. 

Tore  Hansen 
Calgary,  Alberta,  Canada 

Simple  solution 

Regarding  Mark  Gibbs’  BackSpin  column  “False  pos¬ 
itives”  (DocFinder:  3427):  I  really  don’t  see  the  prob¬ 
lem  with  false  positives.  When  it  comes  to  important 
items,  such  as  a  big  contract,  the  sender  is  usually 
predictable  and  should  already  be  in  a  whitelist  of 
some  sort.  If  your  filter  can’t  handle  this  correctly  it 
has  a  pretty  basic  glitch.  For  unpredictable  things, 
such  as  orders,  don’t  use  e-mail,  use  a  form  on  a  Web 
site.  1  haven’t  yet  seen  a  truly  important  e-mail  this 
strategy  wouldn’t  cover. 

Doug  Murray 
Altamonte  Springs,  Fla. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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STAYING  CONNECTED 

Edward  Horrell 


I  was  not  surprised  by  how  little  noise  AT&T’s  recent  decision  to 
drop  out  of  the  residential  local  services  market  and  concentrate 
on  the  business  market  has  made.  Other  than  the  few  residential 
customers  who  will  be  inconvenienced,  who  cares? 

The  telecom  field  has  become  too  crowded. The  result  is  too  many 
companies  clamoring  for  pieces  of  the  pie  and  having  to  cut  back  on 
support  services  just  to  keep  afloat.  Instead  of  having  a  few  great 
companies  offering  world-class  service  and  support,  we  have  many 
marginal  companies  working  hard  to  stay  alive.  I  am  constantly 
amazed  at  the  number  of  clients  who  tell  me, “They’re  all  bad  . . .  let’s 
just  try  to  select  the  best  of  the  bad.” 

I  recently  moderated  a  panel  of  leading  IT  professionals  from  the 
Mid-South  who  agreed  to  appear  before  an  audience  consisting  pri¬ 
marily  of  IT  product  and  service  vendors.  The  mission  was  to  share 
with  this  audience  how  these  buyers  wanted  to  be  sold  to, from  the  ini¬ 
tial  call  through  support.  Products  and  services  discussed  included 
local  exchange  carrier,  competitive  local  exchange  carrier  (CLEC), 
interexchange  carrier,  ISP  and  wireless  services;  transport;  telephone 
systems;  and  data  network  hardware. 

Significantly,  the  IT  pros  considered  virtually  all  these  products 
and  services  to  be  commodities.  In  other  words,  they  did  not  feel 
the  providers  offered  anything  to  differentiate  themselves  other 
than  price. 

As  a  vocal  proponent  of  telecom  deregulation  during  the  early 
1980s,  I  felt  that  open  competition  would  be  good  for  a  number  of 
reasons,  including  faster  offering  of  new  technology  and  lower 
prices.  I  spoke  at  conferences  all  over  the  country  and  loudly 


Drowning  in  a  sea  of  choices 


expressed  support  of  deregulation  and  the  good  it  would  bring. 

While  I  have  not  changed  my  mind,  I  am  concerned  about  the  state 
of  the  industry.  AT&T’s  recent  removal  of  its  toe  from  the  CLEC  water 
drives  it  home.  While  technological  changes  continue  and  new  ser¬ 
vices  become  available,  the  pioneer  in  an  area  barely  has  time  to 
complete  beta  tests  before  new  competitors  decide  to  get  into  the 
same  market.The  result  is  what  we  have  today:  too  many  choices  by 
too  many  companies  offering  the  same  thing. 

How  many  options  do  we  need  for  local  telephone  service?  Long¬ 
distance?  ISP  services? 

If  you  go  to  a  Hyatt  Hotel  and  then  to  a  Motel  6, you’ll  see  a  distinct 
difference  in  quality  in  what  you  will  get  for  the  price  difference.  But 
what  IT  vendor  honestly  can  say, “We’re  more  expensive  but  the  dif¬ 
ference  in  quality  is  measurable”?  (Note  that  1  added  “honestlyf  as 
many  will  say, “We ’re  the  best,”  but  have  trouble  showing  it  —  there’s 
that  commodity  issue  again.)  Please  contact  me  and  show  me  how 
your  service  or  product  separates  itself  from  the  competition.  But  I 
don’t  want  to  hear  about  design  issues,  better  components  or  better 
people  —  show  me  the  measurable  performance  difference  that 
supports  the  better  design,  components  or  people. 

We  don’t  need  more  choices.  What  we  need  is  faster,  more  reliable, 
more  robust.  Losing  AT&T  for  local  service  is  not  a  loss;  it’s  just  one 
less  option. 


How  many 
options  do  we 
need  for  local 
telephone  ser¬ 
vice?  Long¬ 
distance?  ISP 
services? 


Horrell  is  an  independent  telecom  consultant,  speaker  and  author  in 
Memphis,  Tenn.  He  can  be  reached  at  edwardhorrell@mindspring.com 
or  via  his  Web  site,  www.edhorrell.com. 


TELECOM  CATALYST 

Daniel  Briere 
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n  a  presidential  election  year,  everything  is 
up  for  grabs  —  even  things  no  one  has 
seemed  to  care  about  for  a  long  time. 
Telecom  policy  fits  into  that  slot.  Other  than 
making  vague  promises  about  seeing  broad¬ 
band  ubiquitously  deployed  by  2007,  the  Bush 
administration  has  shown  little  interest  in  tele¬ 
com  as  a  strategic  segment  of  the  U.S.  future. 

Both  George  W  Bush  and  John  Kerry  have  delivered  speeches  on  the 
importance  of  catching  up  to  the  world  in  broadband  deployment  — 
the  U.S.  is  currently  1 1th  —  and  each  has  a  plan.  Kerry  would  spend 
some  government  money  in  tax  credits  to  encourage  investment,  while 
Bush  says  the  free-market  approach  is  working  and  is  even  willing  to 
take  credit  for  the  broadband  upsurge  of  the  past  two  years. 

What  both  candidates  fail  to  realize  is  that  there  is  more  in  play  than 
just  making  cable  modems,  DSL  or  wireless  technology  widely  avail¬ 
able  at  low  cost.  While  we  are  hoping  to  make  services  available  today 
that  deliver  less  than  1M  bit/sec  downstream  and  a  fraction  of  that 
upstream,  companies  in  Asia  are  offering  8M  bit/sec  to  more  than  20M 
bit/sec.  Even  in  Europe,  once  a  comfortable  follower  of  U.S.  trends, 
broadband  access  at  multi-megabit  speeds  is  considered  normal. 

In  many  cases, the  broadband  revolution  was  fueled  by  a  government 
directive  and  government  incentives,  especially  in  Asia.  South  Korea, 
the  model  of  broadband  deployment,  created  requirements  for  the 
incumbent  carrier  and  financial  incentives  for  the  competition. 

By  contrast,  the  U.S.  government  creates  confusing  rules  that  effec¬ 
tively  paralyze  both  sides  of  the  competitive  divide.  Many  brush  off  the 
problem  as  the  result  of  our  geography  Europe  and  Asia  are  more 
densely  populated,  so  loop  lengths  are  shorter  and  more  bandwidth 
can  be  delivered. That’s  a  good  point,  but  now  explain  Canada,  whose 
spaces  are  even  more  wide  open  but  which  ranks  well  above  us  in 
broadband  deployment. 

And  where  those  who  crave  broadband  try  to  cautiously  navigate  the 


Telecom  policy  gets  political 


dumbfounding  maze  of  regulation,  there  is  no  guarantee  that  the  rules 
won’t  suddenly  change.Take,  for  example,  the  many  municipalities  and 
publicly  owned  power  companies  that  are  building  their  own  fiber¬ 
optic  networks.  In  12  states,  they  face  prohibitions  of  one  kind  or  an¬ 
other,  many  put  in  place  to  protect  the  incumbent.  The  landscape  for 
the  willing  builders  of  alternative  networks  can  be  rocky  and  bleak. 

This  is  largely  true  because  politicians  are  creatures  of  habit, and  they 
have  a  habit  of  listening  to  lobbyists.The  incumbents  have  many  more 
lobbyists  than  any  of  the  advocacy  groups  backing  independent  broad¬ 
band  network  construction.  In  some  cases,  the  incumbents  can  sway 
public  opinion  —  Qwest  convinced  Salt  Lake  City  that  it  wasn’t  worth 
joining  a  fiber-to-the-home  consortium  if  it  meant  jeopardizing  near- 
term  DSL.  The  city  bailed  on  the  Utah  Telecommunications  Open 
Infrastructure  Agency  (UTOPIA)  fiber-optic  project,  which  is  proceed¬ 
ing  to  connect  1 1  smaller  cities. 

Ultimately,  falling  behind  in  global  broadband  deployment  will  have 
a  significant  impact  on  our  economic  development,  particularly  in  the 
high-technology  arena.  Cities  such  as  the  1 1  involved  in  UTOPIA  and 
Provo,  Utah,  which  is  building  iProvo,  its  own  separate  fiber-optic  net¬ 
work,  see  broadband  access  as  key  to  their  economic  development 
and  are  pushing  ahead,  at  great  cost  and  some  risk. 

It  makes  no  sense  to  me  that  our  government  is  not  only  incapable  of 
formulating  policies  that  encourage  true  broadband  deployment  but 
also  seems  unable  to  get  out  of  the  way  of  those  who  would. 

It  will  take  the  loud  voices  of  those  affected  to  begin  to  drown  out  the 
lobbying  din  of  the  large  incumbents.There  are  organizations  devoted 
to  this  effort  —  for  example,  the  Center  for  Internet  and  Society  at 
Stanford  University  has  just  put  out  an  interesting  treatise  on  the  need 
for  open-access  networks.  And  those  of  us  engaged  in  technology  need 
to  be  more  willing  to  get  involved,  if  only  out  of  rational  self-interest. 


The  U.S.  govern¬ 
ment  creates 
confusing  rules 
that  effectively 
paralyze  both 
sides  of  the  com¬ 
petitive  divide. 


Briere  is  CEO  of  TeleChoice,  a  market  strategy  consultancy  for  the  tele¬ 
com  industry.  He  can  be  reached  at  telecomcatafyst@telechoice.com. 


Automated  Systems  Management  Made  Easy 


New  Sitekeeper®  3.1  is  the  budget-friendly,  easy-to-use 
solution  to  automating  your  systems  management 

How  do  you  know  if  you  need  Sitekeeper?  !f  you’re  not  100%  certain  that  all 
your  software  is  properly  licensed...  if  news  of  a  security  patch  means 
changing  your  plans  for  the  weekend...  if  you  inventory  your  hardware  and 
software  with  a  spreadsheet  or  a  clipboard...  if  your  current  systems 
management  solution  is  overpriced,  complicated  bloat-ware  that  never  seems 
to  work  correctly...  you  need  Sitekeeper! 

With  Sitekeeper,  you  can  keep  your  site  safe,  legal  and  secure,  avoid  legal 
action  and  over-buying,  and  never  worry  about  missing  a  single  security 
patch— all  with  point-and-click  ease.  No  special  training  or  dedicated  server 
required — with  Sitekeeper  you  can  start  managing  within  minutes  of 
installation.  Get  Sitekeeper  now! 


Sitekeeper  point  and  click  features: 

•  Automate  your  systems  management  in  under  an  hour 

•  Perform  fast,  accurate  hardware  and  software  inventories 

•  Generate  quick,  comprehensive  license  compliance  reports 

•Zero  in  on  machines  that  are  missing  specified  patches,  updates  and 

service  packs 

•  Remotely  install  software,  patches  and  updates  on  any  or  all  machines  on 

your  network 


Automated  Systems  Management— Simplified 

For  more  info  and  free  30-day  trialware,  visit 

www.  executive .  co  m/n  wsk33 

or  call  1-800-829-6468  Code  4294 


“I  use  Sitekeeper  to  push  out  security  updates  and 
keep  track  of  what  is  on  each  and  every  system. 
Time  is  a  luxury  I  don’t  have  and  Sitekeeper 
speeds  things  up  tremendously.” 

-Matt  Sorrow,  Magnum  Pacific,  Inc. 


Go  trom  manual  to  automated 
in  under  an  hour  today, ! 
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Enterprise  network 
analysis  tool 


Sourcefire’s  RNA  provides  instant 
visibility  into  your  network 


■  BY  JOEL  SNYDER,  NETWORK  WORLD  LAB  ALLIANCE 

ourcefires  Real-time  Network  Awareness  Sensor  2000  is  like  a  magic  eye  that 
watches  everything  happening  on  your  network.  By  combining  passive  network 
analysis  with  a  Web-based  management  system,  Sourcefire  delivers  a  powerful  tool 
to  IT  personnel  who  need  more  information  about  their  networks. 


While  RNA  Sensors  offer  a  wealth  of 
information  about  the  systems  and  ser¬ 
vices  on  your  network,  the  downside  is 
that  it  is  up  to  you  to  make  sense  out  of 
it  all. 

To  help  network  managers  understand 
the  information  from  RNA  Sensors  and 
the  alerts  and  events  from  the  company’s 
intrusion-detection  systems  sensors  (In¬ 
trusion  Sensor),  Sourcefire  offers  the  De¬ 
fense  Center  (if  purchased  collectively 
Sourcefire  refers  to  the  package  as  its  3D 
Product  Suite).  RNA  Sensors  and  Intrus¬ 
ion  Sensors  send  information  to  the 
Defense  Center,  which  provides  a  central 
view  of  alerts  and  events,  network  config¬ 
uration  information  and  forensic  data. 

RNA  Sensors  sit  passively  on  the  net¬ 
work  and  watch  the  traffic  pass  by  The 
RNA  Sensor  we  tested  had  four  Ethernet 


Net  Results 


RNA  Sensor  2000 


Company:  Sourcefire,  www.sourcefire. 
com  Cost:  RNA  Sensor,  $11,995;  Intrusion 
Sensor,  $11,995;  Defense  Center,  $16,995. 
Pros:  Instant  visibility  into  hosts,  services 
and  flows  on  your  network;  easy-to-use 
Web-based  management  with  high- 
performance  database;  quick  installation 
and  minimal  tuning;  data  gathering  non- 
intrusive;  has  no  impact  on  hosts  or 
network.  Cons:  Cannot  augment  or  modify 
information  gathered  by  RNA  Sensor; 
correlation  between  IDS  and  RNA  Sensor  | 
information  within  the  Defense  Center  is 
not  very  flexible  or  manageable. 


The  breakdown 


Performance/accuracy  30% 


4.5 


Flexibility  and  controls  20% 


3.5 


Ease  of  use  20% 


4.0 


Scalability  20% 


5.0 


Alerting  capabilities  10% 


2.0 


TOTAL  SCORE 


4.05 


Scoring  Key:  5:  Exceptional;  4:  Very  good;  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar 


interfaces,  but  we  used  only  one  with  vir¬ 
tual  LAN-based  monitoring  to  give  RNA 
Sensor  visibility  into  different  parts  of  our 
production  network.  While  this  virtual 
LAN  capability  is  a  great  feature  for  a  net¬ 
work  site,  if  you  wanted  to  monitor  multi¬ 
ple  sites,  you’d  need  to  deploy  multiple 
sensors.  (See  How  we  did  it,  page  64.) 
Configuration  is  simple:  once  you  tell 
RNA  Sensor  what  networks  to  watch,  it 
begins  collecting  data  and  populating  its 
databases. 

As  RNA  Sensor  watches  the  packets  fly 
by,  it  builds  a  model  of  the  network  topol¬ 
ogy  and  pinpoints  the  hosts  on  your  net¬ 
work,  the  network  applications  they  are 
running,  and  the  users  and  devices  they 
are  communicating  with.  Because  RNA 
Sensor  watches  every  connection  to 
every  host,  it  also  collects  information 
about  specific  network  flows,  such  as  a 
particular  HTTP  connection  from  a  client 
to  a  server. 

RNA  Sensor’s  information  about  our 
network  was  quite  accurate.  Application 
identification  was  excellent, as  the  sensor 
found  obscure  mail  servers  on  non-stan¬ 
dard  ports  and  managed  to  get  product 
and  version  information  for  most  prod¬ 
ucts.  When  it  came  to  guessing  operating 
systems,  the  results  were  mixed.  RNA 
Sensor  collected  the  least  amount  of 
information  for  embedded  systems,  such 
as  printers  and  time  servers. 

RNA  Sensor  has  piles  of  useful  informa¬ 
tion  —  but  it  doesn’t  volunteer  specific 
data  if  you  don’t  ask  for  it.  If  you  go  to  the 
dashboard,  it  doesn’t  have  a  big  flashing 
light  saying  “Hey,  look  at  this.”  RNA 
Sensor’s  “policy-free”  architecture  is  great 
for  the  sophisticated  network  profession¬ 
al,  but  you’ve  got  to  have  an  idea  of  what 
you  want  to  know  —  or  combine  it  with 
Sourcefire’s  Defense  Center  manage¬ 
ment  console  —  before  it  becomes  a 
very  useful  tool . 

For  example,  when  we  got  a  complaint 
about  poor  performance  at  a  site,  we 
made  an  educated  guess  to  look  at  the 
flow  summary  to  see  the  top  10  connec¬ 
tion  initiators.  RNA  Sensor  showed  us  a 
list,  and  the  system  that  sat  at  the  top  of 
the  list  far  outweighed  any  other  device 


The  Sourcefire  Real-time  Network  Awareness  Sensor  2000  mixes  passive  network  traffic 
analysis  with  a  Web-based  management  system  to  give  IT  personnel  a  complete  picture  of 
network  activity. 


in  the  network.lt  had  been  compromised 
by  a  hacker  and  was  actively  looking  for 
other  vulnerable  systems,  consuming  lots 
of  bandwidth.  Looking  at  detailed  flow 
data  from  that  system  provided  by  RNA 
Sensor,  we  quickly  identified  the  scan¬ 
ning  pattern  and  even  the  IP  address  it  to 
which  it  reported.  When  you  do  know 
what  you’re  looking  for,  RNA  Sensor  can 
provide  the  data. 

Once  you  start  asking  questions,  you 
can  customize  display  screens  to  present 
and  summarize  information  and  gener¬ 
ate  reports.  Read  about  a  patch  for  an 
obscure  FTP  server  and  want  to  know  if 
you’re  running  the  vulnerable  version? 
RNA  Sensor  will  give  you  that  informa¬ 
tion  in  two  clicks, even  if  the  FTP  server  is 
running  on  a  non-standard  port.  Need  a 
table  of  all  your  BSD-based  hosts,  along 
with  version  numbers?  That  takes  three 
clicks  (plus  you  have  to  type  “BSD”). 

There  are  limits,  though:  RNA  Sensor 
doesn’t  show  information  such  as  patch 
levels  or  applications  running  within 
Web  servers.  And  it  only  keeps  track  of 
network  server  applications,  not  client 
applications,  so  you  can’t  find  out  what 
Web  browsers  or  e-mail  clients  users 
have,  for  example. 

Events  and  policy 

RNA  Sensor  offers  a  limited  policy-com¬ 
pliance  tool  kit.  As  the  product  gathers 
information  about  systems,  it  generates 
internal  events. You  can  search  the  event 
logs  at  any  time, or  with  the  policy  tool  kit 
you  can  build  rules  that  watch  for  partic¬ 


ular  combinations  of  events  and  values. 
When  these  incidents  occur,  RNA  Sensor 
will  send  e-mail,  an  SNMP  trap  or  a  syslog 
message.The  main  problem  with  this  pol¬ 
icy-compliance  tool  kit  is  its  limited 
vocabulary  For  example, you  can  be  alert¬ 
ed  if  a  host  suddenly  starts  running  any 
new  service,  but  you  cannot  specify  that  it 
be  only  a  new  mail  service.  Although  you 
can  be  alerted  about  any  RNA  Sensor 
event,  the  detail  is  coarse  enough  that 
you’d  need  another  tool, such  as  a  securi¬ 
ty  event  manager.  (See  the  test  of  these 
tools  at  www.nwfusion.com,  DocFinder 
342 1 ,  to  filter  out  the  alerts.) 

The  true  power  of  RNA  for  policy  com¬ 
pliance  and  monitoring  comes  in  the 
Defense  Center,  and  this  is  where 
Sourcefire  hits  its  stride.  When  RNA 
Sensors  are  connected  to  a  Defense 
Center  console,  policy-compliance  rules 
are  evaluated  on  the  management  con¬ 
sole,  which  means  you  can  combine  the 
results  from  multiple  sensors  when  writ¬ 
ing  policy  rules.  That  provides  a  greater 
amount  of  information,  but  it  still  falls 
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itiort  oi  wiling  rules  based  on  both  RNA 
.‘jensor  and  Intrusion  Sensor  events. 

Sou  reef  ire’s  Defense  Center  does  some 
limited  correlation  of  Intrusion  Sensor  and 
RNA  Sensor  information  in  a  feature  the 
company  calls  “impact  alerting.”  The  idea 
behind  impact  alerting  sounds  great: 
match  up  an  Intrusion  Sensor  alert  with 


RNA  Sensor  information, and  send  only  the 
relevant  alerts.  Unfortunately,  it  doesn’t 
work  well.  Because  RNA  Sensor  doesn’t 
have  perfect  knowledge  of  what  is  and  isn’t 
vulnerable  on  the  network, you  have  irrele¬ 
vant  impact  alerts.  While  you  can  filter  out 
the  Intrusion  Sensor  alerts,  which  will  keep 
the  impact  alerts  from  showing  up,  you 


can’t  do  anything  about  RNA  Sensor’s 
knowledgebase:  there’s  no  way  to  add  or 
modify  information  that  will  make  RNA 
Sensor  smarter  about  a  host’s  services  or 
vulnerabilities.So  if  RNA  Sensor  has  misde- 
tected  an  operating  system  or  doesn’t  real¬ 
ize  that  a  patch  has  been  applied, you  can’t 
make  it  any  smarter. 


Unlike  the  Intrusion  Sensor  rules,  which 
are  fully  customizable  and  visible,  impact 
rules  that  correlate  RNA  Sensor  informa¬ 
tion  and  Intrusion  Sensor  alerts  together 
are  opaque  and  can’t  be  seen  or  individu¬ 
ally  enabled  or  disabled.  The  only  detail 
you  have  is  whether  to  receive  alerts  clas¬ 
sified  as  “vulnerable,”  “potentially  vulnera¬ 
ble,”  “currently  not  vulnerable,”  or  “un¬ 
known.”  If  you  disagree  with  Sourcefire’s 
embedded  analysis,  you  have  to  suppress 
the  Intrusion  Sensor  alert  so  that  it  never 
gets  to  the  impact-alerting  part  of  your 
management  console. 

Sourcefire  engineers  acknowledge  this 
and  are  working  to  improve  impact  alerts, 
company  officials  say 

By  itself,  or  integrated  with  Sourcefire’s 
Defense  Center,  RNA  Sensor  is  a  powerful 
tool  for  discovering  and  reporting  on  what 
is  happening  on  your  network.  Like  many 
tools,  what  you  get  out  of  it  depends  on  the 
skill  of  the  craftsman. 

Snyder  is  a  senior  partner  at  Opus  One  in 
Tucson,  Ariz.  He  can  be  reached  at 
jms@opusI.com. 


9  How  We  Did  It 


We  installed  Sourcefire’s  3D 
Product  Suite,  consisting  of 
an  RNA  Sensor  2000  Version 
2.0,  an  Intrusion  Sensor  2000  Version 
3.2  and  a  Defense  Center  1000  Vers¬ 
ion  3.2,  onto  our  production  network. 
Sourcef  ire  provided  “release  candi¬ 
date"  versions  and  installation  assis¬ 
tance  for  all  three  products  to  high¬ 
light  the  new  integration  of  the  RNA 
Sensor  and  Intrusion  Sensor  infor¬ 
mation  onto  the  Defense  Center. 

Tuning  RNA  Sensor  simply  means 
telling  it  which  hosts  to  pay  atten¬ 
tion  to  —  which  networks  belong  to 
you  —  which  only  took  a  few  min¬ 
utes.  To  test  the  Defense  Center 
integration,  we  had  to  tune  the 
Intrusion  Sensor  by  disabling  some 
alerts  and  writing  specific  “pass" 
rules  for  others.  We  took  two  weeks 
to  tune  the  Intrusion  Sensor  output, 
spending  one  to  two  hours  per  day 
customizing  the  Intrusion  Sensor 
policy  to  eliminate  false  alerts. 

Once  the  Intrusion  Sensor  output 
was  reduced  to  a  small  number  of 
alerts  each  day,  we  enabled  impact 
alerts  for  systems  the  Defense 
Center  considered  “vulnerable" 
based  on  the  combination  of  Intrus¬ 
ion  Sensor  and  RNA  Sensor  data. 

To  evaluate  how  useful  RNA  was, 
we  set  out  with  eight  tasks  and 
looked  at  how  hard  (or  easy)  it  was 
to  complete  them,  including  identify¬ 
ing  compromised  systems,  reporting 
software  and  version  information  on 
mail  and  Web  servers,  alerting  on 
newly  installed  systems,  and  setting 
up  common  queries  to  summarize 
servers  and  applications  on  a  partic¬ 
ular  network  segment. 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  165  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

wu/w.equant.com/usa 


See.EquantataOMa@zine^Mth 
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Oracle  Collaboration 

Suite 


Oracle's  take  on  enterprise 
collaboration  impresses 


■  BY  TRAVIS  BERKLEY,  NETWORK  WORLD  LAB  ALLIANCE 

ollaboration  between  colleagues  often  means  sending  files  through  e-mail  and  hop¬ 
ing  they  don't  get  lost  in  the  ever-growing  wasteland  of  the  in-box.To  solve  this, 
Oracle  offers  its  Oracle  Collaboration  Suite,  a  comprehensive  set  of  tools  to  help 
companies  manage  information  across  whatever  boundaries  they  might  have. 


Tools  such  as  Web  conferencing,  e-mail, 
calendaring,  file  storage  and  content 
searching  are  provided  in  an  environ¬ 
ment  that  lets  data  get  stored, shared  and 
ultimately  found  by  those  who  need  it. 

We  recently  tested  (see  How  we  did  it  at 
www.nwfusion.com, DocFinder3436)  the 
OCS  and  found  it  to  be  a  solid  performer, 
offering  a  number  of  good  tools  that  let 
workers  share  information  and  find  data 
within  a  company  Its  variety  of  access 
methods  (through  the  Web  or  with  a 
desktop  client  or  even  PDA  or  cell 
phone)  also  impressed  us. 

Building  the  framework 

The  OCS  is  built  on  the  Oracle  Data¬ 
base  and  the  Oracle  Application  Server 
products.  OCS  can  be  accessed  through 
a  customizable  Web  portal,  using  applets 
to  access  the  calendar,  e-mail  and  other 


^  Results 

Oracle  Collaboration 
Suite 


Company:  Oracle,  www.oracle.com. 
Cost:  Oracle  Collaboration  Suite,  all 
components:  $60  per  named  user;  Oracle 
Collaboration  Suite,  Web  Conferencing: 
$45  per  named  user,  Oracle  Collaboration 
Suite,  File:  $45  per  named  user.  Pros: 
Accessible  from  Web,  desktop  and  other 
avenues;  stand-alone  apps  support 
multiple  platforms;  flexible  and  granular 
administration;  very  rich  set  of  tools. 
Cons:  Workflow  applet  interface  is 
different  from  others;  Web  interface  is 
very  dependent  on  cookies. 

The  breakdown 

Features  40%  4 
Accessibility  30%  ]  5 
Usability  30% ,  4 
TOTAL  SCORE  4.3 


Scoring  Key:  5:  Exceptional:  4:  Very  good:  3: 
Average;  2:  Below  average;  1:  Consistently 
subpar 


functions.  Alternatively  there  are  stand¬ 
alone  applications  available  to  access 
the  calendar,  and  various  e-mail  clients 
can  connect  using  POP  or  Internet 
Message  Access  Protocol  (IMAP). 

Rather  than  install  OCS  ourselves,  we 
used  Oracles  Hosted  Pilot  program. This 
program  lets  potential  OCS  customers 
take  OCS  for  a  “test  drive”  (see  story  at 
DocFinder:  3358).  Using  the  Hosted  Pilot, 
we  accessed  all  parts  of  the  OCS  just  as  if 
it  were  installed  locally  in  our  lab. 

The  OCS  administration  is  very  de¬ 
tailed.  After  the  installation,  there  was  a 
small  group  of  administrator  accounts 
with  complete  control  over  each  applet. 
But  additional  administrators  can  be  cre¬ 
ated  within  each  applet.  This  gives  the 
ability  to  grant  one  user  the  rights  to  pro¬ 
vision  calendar  accounts,  but  maybe  a 
different  user  to  provision  e-mail  privi¬ 
leges.  Or,  perhaps  you  need  different 
administrators  for  each  department.  OCS 
gives  you  the  flexibility  to  assign  rights  in 
whatever  ways  your  business  requires. 

The  "gotcha”  was  in  switching  between 
different  users.  OCS  relies  on  Web  brows¬ 
er  cookies  to  keep  track  of  who  is  signed 
on.  It  is  a  best  practice  to  completely 
close  the  browser,  thus  clearing  your  ses¬ 
sion  cookies,  before  trying  to  switch 
users.This  only  will  be  an  issue  if  you  find 
yourself  switching  between  privileged 
and  unprivileged  accounts,  or  if  there  is  a 
machine  that  is  shared  among  users. 

Web  conferencing 

The  first  tool  that  one  thinks  of  when 
you  use  the  word  collaboration  is  Web 
conference.  OCS  is  no  exception,  offering 
Web  conferencing  with  the  standard 
array  of  functions  such  as  application 
sharing,  whiteboarding  and  chat. 

A  small  console  in  the  form  of  an  exe¬ 
cutable  is  downloaded  when  a  new  user 
enters  a  conference.  From  there,  the  con¬ 
ference  presenter  can  share  application 
windows  or  their  entire  desktop. The  pre¬ 
senter  can  maintain  control  of  the  white¬ 
board,  or  it  can  be  shared  with  others. 
Public  and  private  chat  sessions  also  can 
be  launched,  and  it  has  the  ability  to 
conduct  polls. The  presenter  can  coordi¬ 


nate  the  viewing  of  a  Web  page  or  a  doc¬ 
ument  that  was  loaded  into  the  confer¬ 
ence  beforehand. 

The  Web  conference  feature  supports 
streaming  audio  from  a  telephone  call-in 
bridge.  Presenters  and  any  participants 
who  want  to  talk  in  the  conference  can 
dial  into  the  bridge;  participants  who  just 
want  to  listen  can  do  so  via  the  streaming 
version  from  their  Web  browsers.  This  is 
the  only  option  available  for  audio  in  the 
current  version,  but  plans  are  in  the 
works  to  add  VoIP  or  audio  streaming  in 
a  future  version,  the  company  says. 

Overall,  the  Web  conferencing  in  OCS  is 
as  good  as  any  other  product  with  which 
we’ve  worked.  The  console  application 
doesn’t  take  up  much  room  on  the  desk¬ 
top,  and  it  can  be  minimized  to  free  more 
viewing  area.  It  includes  a  nice  “network 
connection”  meter,  which  gauges  your 
response  times  and  how  smooth  the  pre¬ 
sentation  should  be.  The  interface  is 
clean  and  easy  to  use. 

Space  to  work 

The  next  tool  in  the  OCS  arsenal  is  the 
workspace.  This  essentially  is  an  area 
where  files  can  be  stored  and  shared. 
Each  user  account  receives  a  private  and 
public  workspace.  The  private  space  is 
just  that  —  only  the  user  can  access  files 
in  this  workspace.  Public  files  are  acces¬ 
sible  to  any  user  who  can  authenticate 
into  the  OCS. 

OCS  also  can  create  any  number  of 
workspaces  for  specific  members  to 
share.  For  example,  a  project  team  could 
make  its  own  workspace  to  share  project 
files.  If  the  system  administrator  allows  it, 
users  can  create  and  manage  their  own 
workspaces,  inviting  others  to  participate 
as  they  see  fit.  As  new  users  are  invited, 
they  can  be  a  Participant  (add  and  edit 
files)  or  a  Viewer  (read  only  access). 

Workspaces  have  storage  quotas 
placed  on  them.  While  a  workspace 
administrator  can  request  to  increase  the 
quota,  only  the  system  administrator  can 
grant  it.  If  the  space  quota  is  exceeded, 
new  files  or  updates  to  files  cannot  be 
added.  But  files  can  be  deleted  to  make 
more  room. 


For  Windows  clients,  Oracle  offers 
FileSync,  an  application  that  replicates 
files  from  any  number  of  workspaces 
down  to  the  local  machine.  FileSync 
compares  what  is  stored  locally  with 
what  is  in  the  workspace  and  then  uses  a 
WebDAV  connection  to  synchronize 
changes.  It  is  a  handy  way  to  grab  fresh 
copies  of  workspace  files  before  heading 
out  on  the  road  with  a  laptop.  Upon  a 
return,  FileSync  quickly  can  upload  any 
changes  made  to  the  files  and  grab  any 
new  files  that  have  arrived. 

A  business  intelligence  engine  is  also 
available  for  workflow  processing.  While 
navigation  was  a  little  difficult,  it  does 
have  some  very  nice  features.  You  can 
flag  a  file  to  be  reviewed  and/or  ap¬ 
proved  by  someone  in  the  workgroup. 
The  file  can  still  be  accessed,  but  it  can¬ 
not  be  changed  until  the  specified 
approver  has  released  the  file.  When  we 
entered  the  workflow  piece,  some  of  the 
links  generated  errors  from  time  to  time. 
Sometimes  a  user  didn’t  receive  notifica¬ 
tion  of  an  impending  approval.  Refresh¬ 
ing  or  reloading  the  workflow  pages 
again  often  cleared  up  the  problem.  But 
the  most  inconvenient  part  is  that  there 
aren’t  any  links  to  return  to  the  main  por¬ 
tal  once  you  are  finished  using  the  work- 
flow  applet.  You  have  to  use  the  “back” 
button  in  your  browser  or  log  on  again. 

Versioning  tools  are  also  available. 
These  let  you  have  a  history  of  a  docu¬ 
ment  over  time.  As  changes  are  made, 
users  can  save  an  old  version,  but  mark 
the  new  one  as  the  working  copy 
Versioning  files  worked  slightly  different 
depending  on  whether  you  used  FileSync 
or  did  a  manual  upload.  FileSync  would 
upload  new  files,  avoiding  conflicts  as 
specified.  If  it  is  set  to  avoid  overwriting,  it 
will  add  “(new  version)”  to  the  file  name. 
When  doing  a  manual  upload,  a  user  can 
generate  a  new  version,  which  moves  the 
old  version  into  the  history  area. 

The  workflow  applet  is  a  very  powerful 
tool  that  lets  you  create  some  very  cus¬ 
tomized  business  logic. 

Common  tools 

A  workhorse  tool  included  in  the  OCS 
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is  the  e-maii  component.  It  includes  every¬ 
thing  you  would  expect  in  a  Web-based 
•.-mail  client,  including  folder  management 
and  access  to  directory  services.  A  public 
directory  and  private  user  address  books 
are  available  to  store  e-mail  addresses.  A 
mailing  list  feature  within  OCS  lets  you  cre¬ 
ate  groups  to  send  to  multiple  users. 


For  users  who  want  to  use  other  e-mail 
clients,  OCS  has  a  POP3  and  1MAP4  inter¬ 
face.  Users  then  can  use  other  programs  to 
manage  their  mail,  as  well  as  download 
mail  locally  to  their  computers.  Also, 
address  books  and  user  directories  are 
accessible  via  Lightweight  Directory 
Access  Protocol  queries. 


You  do  not  have  to  use  the  e-mail  in  OCS 
if  you  already  have  a  satisfactory  e-mail  sys¬ 
tem  in  place.  Messages  and  notifications 
are  sent  within  OCS  via  e-mail,  but  an  exter¬ 
nal  address  works  just  as  well  as  an  OCS 
address. 

As  a  Web-based  e-mail  system,  OCS  is  a 
solid  performer.  Nothing  flashy  but  all  of  the 


basics  are  covered.  A  basic  filtering  func¬ 
tion  lets  you  create  rules  that  can  sort  or  file 
email  as  it  is  delivered,  read  or  deleted.  No 
out-of-office  replies  are  available,  however. 

The  calendaring  feature  is  referred  to  as  a 
user’s  Agenda.  The  Agenda  includes  every¬ 
thing  you  would  expect,  including  daily 
appointments,  notes  and  tasks.  Users  can 
grant  rights  for  other  users  to  view  their 
Agenda  entries.You  also  can  mark  items  as 
confidential  or  personal.  Access  to  those 
items  can  be  controlled  separately 

For  users  who  don’t  want  to  use  the  Web 
interface,  Oracle  has  developed  stand¬ 
alone  programs  to  access  the  Agenda.  Ver¬ 
sions  are  available  for  Windows,  Macintosh 
OS  9  and  OS  X,  Linux  and  Solaris.The  stand¬ 
alone  versions  are  functionally  equivalent 
to  the  Web  version,  but  include  the  ability 
to  view  several  users’  agendas  at  once. 

Users  also  can  synchronize  their  PDAs 
with  the  agenda,  tasks  and  notes  in  OCS. 
The  Oracle  Calendar  Sync  for  Palm  appli¬ 
cation  is  available  for  Windows,  Macintosh 
OS  9  and  OS  X  clients.  A  Fbcket  PC  version 
for  Windows  is  also  available. 

Crawling  about 

A  tool  called  Ultra  Search  lets  administra¬ 
tors  create  Web  crawlers  that  go  to  speci¬ 
fied  parts  of  the  Web  and  catalog  what  it 
finds.  For  example,  you  could  create  a  Web 
crawler  that  looks  over  the  intranet,  and 
indexes  the  information  it  finds.The  admin¬ 
istrator  can  specify  how  deep  to  follow 
each  length  and  the  types  of  data  to  index 
(such  as  searching  for  only  HTML  and  PDF 
files,  but  not  JPGs  or  GIFs).  OCS  users  then 
can  search  the  information  the  Web 
crawlers  harvested.  For  example,  a  user 
might  search  for  the  phrase  “2004  sales  cat¬ 
alog,”  and  be  given  a  list  of  links  where 
information  on  that  topic  can  be  found. 

Depending  on  the  size  of  your  business, 
this  search  function  could  be  quite  useful. 
If  you  routinely  try  to  find  information  but 
have  no  idea  what  the  file  name  might  be, 
where  it  might  be  stored  or  even  what  type 
of  file  it  is,  Ultra  Search  could  be  quite  use¬ 
ful.  Only  an  administrator  can  set  up  a  Web 
crawler,  but  all  users  can  access  the  results. 

Not  to  be  overlooked  is  the  very  aggres¬ 
sive  pricing  that  Oracle  offers  for  OCS.This 
could  make  OCS  particularly  attractive  to 
the  small  or  midsize  business  looking  to 
find  some  powerful  tools  without  a  large 
expense  (see  related  story,  DocFinder: 
3359). 

Berkley  is  the  manager  of  LAN  Support 
Services  at  the  University  of  Kansas.  He 
can  be  reached  at  berkley@ku.edu. 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


The  entrepreneur’s  spirit 

Company  founders  whose  start-up  businesses  failed  live  to  tell  the  tale. 


■  BY  LINDA  LEUNG 

You  have  a  great  idea  for  an  IT  product,  and  you’ve  already  signed  your  first  customer.  A 
global  services  firm  is  willing  to  invest  $1  million  in  your  start-up  company  and  plans  to 
market  your  product  worldwide.  What  could  go  wrong?  Well,  many  things  did  go  wrong  for 
Kelly  Hansen,  who  launched  Prism  as  a  managed  security  services  provider  in  2000  and 
ended  up  being  personally  liable  for  $5  million  in  debt. 


Hansen  paid  $2.5  million  to  walk  away  from  the  whole 
affair,  and  is  now  CEO  of  Chicago  security  consultancy 
Neohapsis.Tve  learned  from  my  mistakes,”  the  business¬ 
woman  says,  adding  that  she  will  “always  be  an  entrepre¬ 
neur.  You’ve  got  to  have  some  skin  in  the  game.” 

A  tough  skin,  unswerving  commitment  and  the  disci¬ 
pline  to  not  take  on  more  than  you  can  manage  are  some 
of  the  characteristics  that  separate  the  inexperienced 
entrepreneurs  from  those  who  recovered  from  unsuc¬ 
cessful  start-up  businesses.  Their  experiences  illustrate 
missteps  to  avoid. 

With  a  $2  million  line  of  credit  from  a  bank,  Hansen 
launched  Prism  as  a  spin-off  of  Sun  Tzu  Security,  a 
Milwaukee  information  security  consultancy  she  estab¬ 
lished  in  1996.  Prism  was  set  up  to  provide  intrusion- 
detection  outsourcing  and  firewall  maintenance  to  a  sub¬ 
sidiary  of  a  Fortune  50  company,  which  Hansen  declined 
to  name.  “The  customer  didn’t  pay  us  for  nine  months,” 
she  says. “It  is  terrible  to  rely  on  a  single,  large  client  that 
will  pay  when  and  if  it  feels  like  it.” 

On  top  of  the  cash-flow  problem,  Prism  was  getting 
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Kelly  Hansen 

CEO,  Neohapsis 

nowhere  with  the  strategic  partner  with  which  it  was 
negotiating  a  $1  million  investment  and  marketing  deal. 
The  partner  couldn’t  figure  out  how  to  sell  Prism  services 
alongside  its  own  and  kept  adding  new  provisions  to  the 
contract  before  the  deal  was  signed. The  new  provisions 
increased  Prism’s  debt  to  the  partner  from  $1  million  to 
$3  million.  With  no  money  coming  from  the  customer 
and  the  bank  money  running  out,  Hansen  agreed  to  the 
deal  and  waited  for  venture  capital  funding.  However,  the 
financing  fell  through  when  the  dot-com  crash  occurred. 


Prism  attracted  other  potential  customers,  but  they  had 
no  budget  to  buy  services  after  being  stung  by  the  recent 
Y2K  fix-it  hype.  Prism  was  closed  in  November  2002,  leav¬ 
ing  Hansen  personally  liable  for  $5  million  in  debt  —  $3 
million  to  the  partner  and  $2  million  to  the  bank. 

“The  good  news  was  that  I  managed  to  negotiate  the 
debt  to  the  partner  to  $500,000  from  our  strategic  partner 
and  the  final  price  tag  was  $2.5  million, ’’which  was  a  com¬ 
bination  of  bank  debt  and  repayment  to  the  partner. 
Hansen  also  was  able  to  sell  Sun  Tzu  (minus  Prism)  to 
Neohapsis. 

A  faltering  focus 

Finding  paying  customers  was  not  a  problem  for  Jet 
Engine  Consulting,  which  launched  in  St.  Louis  in  2003. 
Its  problem  was  that  it  became  complacent  and  for 
about  five  months  put  all  its  energies  into  one  customer. 
“The  customer  paid  its  bills  but  suddenly  it  told  us  we 
were  too  expensive  and  offered  to  buy  us  out  and  have 
us  as  their  employees,” says  Harry  Brumleve,  Jet  founder 
and  president. 

Although  Jet’s  goal  was  to  provide  high-level  IT  con¬ 
sulting,  its  consultants  had  to  roll  up  their  sleeves  to  finish 
the  projects  they  recommended. “Our  company  was  not 
designed  to  augment  staff  to  help  finish  projects.  If  we 
continued  to  operate  like  that,  the  same  thing  would  hap¬ 
pen  again  with  other  customers,”  Brumleve  says. 

The  company  took  two  days  to  figure  out  its  next  step. 
Brumleve  recently  negotiated  a  six-month  contract  and  an 
18%  fee-reduction  with  the  customer  and  persuaded 
another  former  client  to  jointly  develop  a  software  appli¬ 
cation  for  the  airline  industry  “We  want  to  do  something 
for  us,  not  just  help  other  companies  live  their  dreams.This 
is  part  of  the  reason  I  became  an  entrepreneur^’  he  says. 

But  being  too  ambitious  also  could  bring  your  downfall. 
Spurred  by  the  e-commerce  craze,  Eldad  Moraru  in  1999 
helped  set  up  eStoreUSA  of  Rockville,  Md.,  to  provide 
e-commerce  Web  site  design  and  hosting  to  small  and 
midsize  businesses. 

To  sustain  its  fee  of  $199,  eStoreUSA  had  developed  a 
technology  that  let  it  build  Web  sites  very  quickly. To  sus¬ 
tain  its  low  rate  of  a  maximum  one-time, setup  fee  of  $495 
and  a  maximum  monthly  service  of  $199,  the  company 
sought  to  sign  up  4,000  customers  and  employ  160 
staffers  by  the  end  of  2000. 


As  senior  vice  president  of  business  development  for 
eStoreUSA,  Moraru  was  responsible  for  snagging  a  strate¬ 
gic  partner, such  as  domain  registrar,  that  would  help  mar¬ 
ket  eStoreUSA  to  its  customers.  But  these  companies 
either  wanted  to  host  eStoreUSAs  technology  at  their  own 
facility,  which  was  technically  impossible  to  arrange  in  a 
short  time  period;  or  felt  that  they  could  develop  the  site 
building  software  themselves. 

By  March  2000,  eStoreUSA  began  to  run  out  of  money 
and  shut  its  doors  at  the  end  of  the  year.“We  can't  blame 
it  all  on  the  dot-com  bust.  Trying  to  get  thousands  of 
clients  overnight  was  unrealistic, ’’says  Moraru,  who  is  now 
a  real  estate  agent.  “At  the  end  of  the  day,  business  is  all 
about  relationship-building.” 
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Pete  Wilson 

CEO,  Telewares 


Reluctant  to  take  risks 

But  getting  a  fledgling  company  off  the  ground  is  often 
the  first  test  of  an  entrepreneur’s  mettle.  In  1986,  Pfete 
Wilson,  a  former  Sprint  and  MCI  senior  executive,  and 
three  associates  launched  Telewares  to  develop  software 
to  help  companies  determine  how  to  get  the  best  deals 
from  the  newly  deregulated  carriers. 

Everyone  continued  with  their  day  jobs  and  worked  in 
their  spare  time  to  finish  the  software.  After  about  a  year, 
it  was  time  to  raise  some  $30,000  for  legal  fees  to  file 
patents  for  the  technology  and  to  sell  the  product.  But  no 
one  was  willing  to  give  up  their  job.“l  had  fear  of  failure.  I 
feared  that  I  would  put  my  family  at  financial  harm  if  it 
failed, ’’Wilson  says.The  founders  decided  to  put  the  next 
stage  on  hold  for  two  years, but  they  never  returned  to  the 
idea  and  the  company  fizzled  out.  By  then,  other  compa¬ 
nies  began  to  appear  with  competing  products. 

Wilson  did  retain  the  company  name,  though.  He 
worked  in  the  telecom  industry  for  another  nine  years 
and  then  decided  to  quit  his  job  as  director  of  Sprint’s 
markets  and  business  group  to  relaunch  Telwares  in 
Destin,Fla.,as  a  telecom  pricing  consultancy. 

“You’ve  got  to  back  up  your  beliefs  with  action,”  Wilson 
says.“I  was  still  a  little  nervous  but  I  made  it  happen  !  was 
38  years  old,  had  always  dreamed  of  having  my  own  busi¬ 
ness,  and  it  was  time  to  put  up  or  shut  up.”  ■ 
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Cyclades  elevates  today’s  KVM  solutions  with  the  AlterPath"  KVM/rtet 
AlterPath™  KVM/net.  In  direct  response  to  feedback  EnterPrisc  KVM  solutions 
from  serving  80%  of  Fortune  100  companies, 
the  AlterPath™  KVM/net  brings  a  unique  set  of 
features  unparalleled  in  the  market  today: 

■  KVM  over  IP 

■  Up  to  500  ft  (CAT-5)  cabling 

■  Up  to  1024  servers  per  system 

■  Integrated  power  management  capability 

■  Advanced  Security  &  server-based  Authentication 


With  fifteen  years  of  networking  expertise,  only  Cyclades  can  offer  a  complete 
out-of-band  management  solution  that  connects  your  environment  today  and 
integrates  into  your  data  center  of  tomorrow. 

Call  us  now  and  put  an  end  to  your  search. 


www.cyclades.com/nw 

1.888.cyclades  ■  sales@cyclades.com 


cyclades 
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fjtth  allows:  simple'  of-  multiple 
_  j&s  to  have  local  or  remote  access  to 
l^e/fompute^s  located  in  Server  rooms  or 
‘desktop  regardless  of  their  platforms 


Recognized  as  the  pioneer  of  KVM  switch 
.^te*3inoiogy;  Rose  Electronics  offers  the 
.  ippustry's  most  comprehensive  range  of 
server  management products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.'  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


Rose  Electronics 
10707  Staneliff  Road 
Houston,  Texas  77099 

ROSE  US  +281  933  7673 

ROSE  EUROPE  +44(0)1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


UltraMatrix  Remote" 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 

•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand  _  _  _ 
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Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 


♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  &  PDF  while  displaying  embedded 
links,  formatting  &  HiVMlil  . 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 


dtSearch  Reviews... 

♦  “The  most  powerful  document  search  tool  on  the  market” 

—  Wired  Magazine 

♦  “Intuitive  and  austere  ...  a  superb  search  tool”  —  PC  World 

♦  “Blindingly  fast”  —  Computer  Forensics:  Incident  Response 

Essentials 

♦  “A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 

♦  “Covers  all  data  sources  ...  powerful  Web-based  engines” 

—  eWEEK 

♦  “Searches  at  blazing  speeds”  —  Computer  Reseller  News 

Test  Center 


sifri 


See  www.dtsearch.com  for: 

'♦  hundreds  of  developer  case  studies  &  reviews  , 


fully-functional  evaluations 


. 


•  •  -  .  I,  #  #.t  . .  ,  , 

4  out  of  5  of  Fortune  Magazine  s  most  profitable  companies  purchased 

dtSearch  developer  or  multi-user  licenses  in  the  past  two  years, 


dtSearch* 


Instantly  Search  Gigabytes  of  Text  Across 
a  PC,  Network,  Intranet  or  Internet  Site 
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western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  926  1  8-25  1  7 


Celebrating  our  40th 
Year  in  DataCom 


‘‘Keeping  the  Net.. .  Working !” 


Intelligent  erial  Port  Switch  with 
Internal  Modem 


Internal  33.6  Kbps  Modem 
Secure  Dialback  Feature 
Password  Protection 
Invalid  Access  Lockdown 
Periodic  Modem  “AT”  Refresh 
Seven  RS232  DB-9  Console  Ports 
Any-to-Any  Port  Switching 
Non-Connect  Port  Buffering 
Data  Rate  Conversion  300  to  115K  bps 
AC  and-48  DC  Power  Options 


m\ 


WWW. 


The  APS-8M  Asynchronous  Port  Switch  is  a  cost 
effective  Terminal  Server  alternative,  plus  you  get  an  internal  modem 
which  saves  rack  and  cabling  hassles.  Connect  multiple  devices  for  on-site 
and/or  dial-up  remote  communications.  High  data  throughput,  full  modem 
and  data  flow  control  all  add  up  to  make  the  APS-8M  the  perfect  data  switch 
or  today’s  remote  network  management  applications. 


Wti.COm  (800)  854-7226 


Stop  juggling  with 
multiple  management  tools 


*4  Keep  IT  simple 


ManageEngine 

y\\&  OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today.. 


Available  for  Linux,  Solaris  and  Windows 


FREE 


AdventNeT)  www.opmanager.com  30  Day  Trial 

Download 


In  today's  demanding  data  center  environment,  no 
one  knows  how  to  protect  and  organize  your 
valuable  IT  equipment  better  than  Rittal.  Our 
TS-server  cabinets  securely  accommodate  the  dense 
mounting  of  virtually  any  kind  of  server,  networks  or 
mass  storage  devices.  Maybe  that’s  why  so  many 
leading  companies  around  the  world  count  on 
Rittal  for  their  network  infrastructure  needs. 


CHECK  OUT  THE  Grand  Prize: 

TEAM  RITTAL  WEBSITE  *  Complete  Home  Entertainment  System 

AND  REGISTER  TO  WIN!  Weekly  Drawin3s: 

•  Louisville  Slugger  Bats 

Use  priority  code:  NWW  .  jeam  Rittal  Baseball  Hats 


www.rittal-corp.com/teamrittaf  ^ 
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v3  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


Power  demands  from 
today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual¬ 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


Sentry  CDU  Cabinet  Power  Distribution 


High-density  Equipment  Cabient  Power  Distribution  « 

■  .  r'  •  ’ 

84-Outlet  Receptacles  « 

20,000  Watt  3-Phase  Power  Distribution  Model  « 

10,000  Watt  208  VAC  Power  Distribution  Model  « 

True  RMS  Power  Monitoring  per  Branch  Circuit « 
Local:  Digitia!  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing  « 

Web  Interface  « 

SNMP,  MIB  &  Traps  « 

Integrated  Temperature  &  Humidity  Probes  « 

Color-coded  Outlets  by  Branch  Circuit/Electrical  « 
Phase  for  Easy  Identification 

Center  Raii  "Notch’  for  Simplifying  Cabinet  Installation  « 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
_____  Reno,  NV  89521 -USA 

toll  free  +1 .800.835.1 51 5 
tel  +1.775.284.2000 
fax +1.775.284.2065 
www.servertech.com 
sales@servertech.com 


iso  oooi  ei 
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©Server  Technology.  Inc.  Sentry  is  a  trademark  of  Server  Technology.  Inc. 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends  Power  Internal 

E-Mail  Outage  UPS 

Alarming 


Power 

Control 

Interface 


Internal  Voice, 
Modem 
&  Pager  Port 


8  R)-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Microphone 
for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 

LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SonicU  e ‘Training 
Class  for  every  $15K  in  SonicWALL 
purchases  from  Securematics." 

•  New  SonicWALL  Resellers  will  receive  1  FREE 

SonicU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit  . . 


Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 
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Ra&,  Mount  32  bit  end  64  bit 
$r Storting  from  <850 


Opicale 


i 

*. 


Optimt/ed  and  Statable 
?y*tems  and  Open  Source 
'-o!t’t*oivs  tit  affordable  prices. 

O  We  will  work  with  you  from 
capacity  pianino  lo  successful 
insLiHation  and  performance 
optimisation,  including  nation 
wide  or  site  support 

AM  out  sy*  terns  are  well  tested 
and  otto  with  one  year 
w.\r<  vrty  o*.  parts. 


VI  id  Tower  32  bit  &  64  bit 
servers  and  workstations 
from  59 00 


w  ww.  opscale.com 


rtvomr  AOV4M44iil  rUurl  op+<  ale.com 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 


Reading  someone 
else's  issue  of 

NetworkWorld? 

Subscribe  today  and  receive  your  own 
1-year  subscription  for  FREE  - 

a  $129.00  value! 

Go  to  http://subscribenw.com/mynw  for  your  free  subscription. 


Advertising  Supplement 

IT  Careers:  Illinois,  Chicagoland  Bridge  Old  to  New  Industry  Age 


In  an  era  past,  Chicago  and  the  state  of  Illinois 
claimed  fame  in  meat  packing,  transportation, 
heavy  machinery,  brewing,  and  corn.  Today's 
economy  is  based  squarely  on  technology  with  more 
than  7,000  IT-specific  companies  and  a  host  of  heavy 
IT  users  ranging  from  Baxter  International  to  Argonne 
National  Laboratory. 

While  most  Illinois  technology  companies  were 
hiring  in  the  hundreds  in  the  1990s,  2004  shows 
listings  in  much  smaller  numbers  -  40  to  50 
specialized  professionals  for  larger  firms  and  five  to 
10  for  dozens  of  smaller  companies  --  for  entry  level 
and  senior  management  IT  jobs.  Allstate  Insurance, 
long  a  leader  in  information  technology  use,  has 
better  than  40  IT  jobs  listed  on  its  website,  while  food 
giant  Archer  Daniels  Midland  has  listings  that  include 
bioinformatics,  application  support,  analysis  and 
opportunities  for  academic  interns. 

Among  the  coups  for  Illinois  and  Chicago  was 
the  announcement  in  fall  2003  that  Chicago's 
McCormick  Place  will  host  the  2006  Biotechnology 
Industry  Organization  International  Conference 
and  Exhibition.  State  leaders  point  to  the  win  as  host 
site  as  an  indicator  of  leadership  in  biomedical  device 
development,  pharmaceuticals,  agri-science,  bio 
remediation,  and  research  and  development 
innovation. 

However,  the  region  is  also  known  for  a  heavy 
load  of  consulting  talent,  ranging  from  giants 
Accenture,  Mercer  and  Hewitt  to  locally  operated 
firms.  Crain's  Chicago  Business  lists  its  technology 


who's  who  as  Michael  Birck,  soon-to-retire  CEO  of 
Tellabs;  Robert  Blackwell  Sr.,  CEO  of  Blackwell 
Consulting  Services,  John  Edwardson,  CEO  of  CDW 
Corp.,  Richard  A.  Forsythe,  CEO  of  Forsythe 
Technology  Inc.,  Gale  E.  Sayers  (yes  the  football 
great),  CEO  of  Sayers  Group  LLC,  and  Judith  A. 
Sprieser,  CEO  of  three-year-old  data  synchronization 
firmTransora  Inc.  In  addition  to  these  home-grown  IT 
and  software  development  groups,  the  listing 
includes  Carol  Potts,  area  vice  president  for  Hewlett- 
Packard,  and  Allan  Duffy  Gaynor,  a  global  business 
segment  leader  for  IBM. 

The  trend  with  these,  and  others  such  as  Allstate 
Insurance,  Archer  Daniels  Midland,  Motorola  and 
Baxter  International,  is  in  hiring  people  with  specific, 
advanced  skills  such  as  IT  architecture,  analysis, 
development  and  disaster  recovery,  as  well  as  IT 
support  -  in  smaller  numbers,  but  still  hiring. 

The  jobs  are  clustered  in  the  Chicago  area, 
Springfield  and  east  of  St.  Louis,  as  well  as  a  software 
development  core  that  is  scattered  throughout  rural 
Illinois,  including  the  Carbondale/Southern  Illinois 
University  region.  According  to  John  Barr,  project 
manager  for  the  IT  Cluster  in  Illinois'  Department 
of  Commerce,  the  state's  IT  strength  is  in 
hardware/networking,  software  and  data  services. 
Software  has  grown  at  the  fastest  pace,  with  total 
employment  increasing  by  better  than  90%  in  the 
past  decade,  driven  by  growth  with  companies  such 
as  Platinum  Technology,  SPSS,  SoftNet  Technologies 
and  Spyglass. 


INFORMATION 

TECHNOLOGY 

ESTABLISHMENTS 

O  Data  Processing 

•  Hardware  & 
Networking 

O  Software 


source: 

State  of  Illinois,  DCOE 


SHOMEX,  long  known  for  its  diversity  job  fairs,  is 
launching  a  new  regional-focused  product  to  meet 
technology-hiring  requirements.  The  first  show, 
according  to  Cris  Levy,  vice  president  of  marketing,  is 
Jan.  19  at  the  Navy  Pier  in  Chicago.  More  than  30 
companies  are  expected  to  participate  in  the  job  fair. 


For  more  information  about  IT  Careers  advertising, 

please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 
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NovaSoft  Information  Techn¬ 
ology  Corp.,  a  software  consult¬ 
ing  firm  &  web  development  co„ 
is  seeking  Programmer  Analysts 
w/one  of  the  following  sets  of 
qualifications  to  work  in  the 
Minneapolis  area: 

‘2  yrs  exp.  designing/devel. 
apps  using  SQL  Server,  Visual 
Interdev  6.0,  VB  6.0,  ASP. 
JavaScript  &  HTML 

*1  yr  exp.  designing/devel.  apps 
using  Lotus  Notes,  Domino  & 
Windows  NT,  &  setting  up 
Domino  Servers  &  Lotus  Notes 
on  Windows  NT 

*2  yrs  exp.  devel./testing  strate¬ 
gies  using  Test  Manager, 
Rational  Clear  Quest,  Rational 
Clear  Case,  WinRunner  & 
LoadRunner 

BS  in  Comp.  Sci.,  CIS,  Engrg. 
Electronics,  Busns  or  Math  +  2 
yrs  exp.  as  a  Prog.  Analyst, 
Sftwr  Engr,  Syst.  Analyst, 
Consultant  or  QA  Analyst/Engr 
rqd.  Excellent  salry/benfts  pkg. 
Send  resumes  to:  NovaSoft 
Information  Technology  Corp., 
ATTN:  HR  Dept.,  8400 

Normandale  Lake  Blvd,  Ste  920, 
Bloomington,  MN  55437. 


Control  Systems  Designer 
wanted  by  construction  sup¬ 
plies  mftr  in  IL  to  dsgn  spe¬ 
cial  controlling  systms/soft- 
ware,  dsgn/diagram  struc¬ 
tures  &  circuits.  Provide  s / 
ware  prgm  reqmt  specs; 
eval  control  dsgn  systm 
models  w/physical  models. 
Must  have  Bach  or  equiv  in 
Comp  Sci.  Respond  to:  Mr. 
Bob  Kuzy,  Universal  Form 
Clamp,  Inc.,  840  S.  25th 
Ave,  Bellwood,  IL  60104.  No 
calls. 


Lead  SW  Dev  Engineer  -  Lead  a 
team  or  be  able  to  independent¬ 
ly  design,  develop,  code,  test  & 
debug  new  SW  or  make  signifi¬ 
cant  enhancements  to  existing 
SW  of  moderate  complexity 
using  knowledge  of  Oracle  6.0  - 
8.x;  Unix  shell  script,  C++, 
Javascript,  HTML,  SQL,  PL/ 
SQL;  Oracle  Developer  2000  & 
Oracle  Designer  2000.  Develop 
solutions  across  many  disci¬ 
plines  &  be  responsible  for 
explaining  solutions  &  proce¬ 
dures.  Apply  principles,  theories 
&  concepts  &  use  methodolo¬ 
gies,  tools,  documentation 
processes  &  test  procedures  to 
complete  projects  related  to 
moderately  complex  SW.  BS  in 
Comp.  Sci,  Engin.  or  related 
field  &  3  yrs  exp  &  working/theo¬ 
retical  knowledge  of  DB 
Development/Admin  in  Oracle 
6.0-8.X;  Programming  using 
Unix  Shell  Script,  C++,  Java¬ 
script,  HTML,  SQL,  PL/SQL,  & 
Oracle  Developer  2000/Oracle 
Designer  2000.  $73,333/yr.  M-F. 
40  hrs/wk.  Denver,  CO.  Must 
have  proof  of  legal  authority  to 
work  permanently  in  U.S. 
Application  by  resume  only  to 
Workforce  Development  Prog¬ 
rams,  PO  Box  46547,  Denver, 
CO  80202.  Ref  job# 
CO5088677. 


S/W  Engineers  to  analyze,  de¬ 
sign  business  appls  for  SAP 
R/3,  ABAP,  Workflow,  C,  C++. 
Java,  VB,  Oracle,  SQL,  etc. 
under  Windows,  UNIX  OS;  ana¬ 
lyze  business  processes  to 
determine  reqs  &  generate  re¬ 
ports;  prepare  documents,  flow 
charts  and  programming  specs; 
create  appl  prototypes  for  client 
approval  and  rapid  appl  devel¬ 
opment;  train  users  in  business 
appl  usage.  Require:  MS  or  for¬ 
eign  equiv.  in  CS/Engg.  (any 
branch)/Math  &  1  yr  exp  in  IT. 
High  salary.  F/T  position.  Travel 
Required.  Resume  to  HR, 
Smartsoft  International,  Inc , 
3965  Johns  Creek  Court, 
Suwanee,  GA  30024. 


Software  Engineer  -  Applic¬ 
ations.  Sought  by  Englewood 
Colorado  consulting  company  to 
work  in  various  unanticipated 
locations  throughout  the  U.S. 
Duties:  Develop,  create  and 
modify  general  computer  appli¬ 
cations  software  or  specialized 
utility  programs.  Analyze  user 
needs  and  develop  software 
solutions.  Design  software  or 
customize  software  for  client  use 
with  the  aim  of  optimizing  opera¬ 
tional  efficiency.  Analyze  and 
design  databases  with  an  appli¬ 
cation  area.  Use  of  Oracle, 
JavaScript,  Perl,  Sybase, 
Intershop,  ASP,  HTML,  SQL  and 
Windows  NT.  Reqs.  Masters  or 
equivalent  in  Computer  Science, 
Computer  Engineering,  Engin¬ 
eering  (any  field)  or  related  field. 
Plus  1  year  in  the  job  offered  or 
1  year  in  a  related  occupation, 
including  Programmer  Analyst, 
Internet  Specialist  or  Prog¬ 
rammer  $75, 000/year,  40/hrs/ 
wk,  9AM-5PM.  Respond  by 
resume  to  WORKFORCE  DEV¬ 
ELOPMENT  PROGRAMS,  PO 
Box  46547,  Denver,  CO  80202, 
and  refer  to  Job  Order  No.  CO 
5086067 


Computer  Support  Specialist 

To  support  multiplatform  com¬ 
puter  hardware  and  software 
systems  users  in  PC  and  Unix 
environment  and  maintain  the 
company's  NT  Servers  and  web¬ 
site.  Require  B.S.  in  Computer 
Information  Systems,  Computer 
Engineering  or  closely  related 
field  and  proficiency  in  both 
Windows  and  Unix  operating 
systems  and  in  ASP,  ASP.NET  & 
SQL  Server.  40hrs/wk.  Send 
resume  &cover  to  HR.  HGS 
Engineering,  Inc.,  1121  Noble 
Street,  Anniston,  AL  36201 .  Job 
Code:  AL-KS. 


Senior  Software  Architect, 
Delray  Beach,  Florida:  Analyses 
existing  functionality  and  pro¬ 
gramming  of  current  system  and 
evaluates  client  requirements  for 
new  or  modified  software  sys¬ 
tem.  Within  time  and  cost  con¬ 
straints  analyzes,  researches, 
designs,  develops,  and  cus¬ 
tomizes  in  Unix  financial  appli¬ 
cations  in  a  client-server  envi¬ 
ronment  utilizing  Shell  Scripting, 
C/C++,  SQL.  Motif,  Perl  and 
SYBASE.  Prepares,  plans, 
develops,  codes,  implements 
and  documents  software  sys¬ 
tems  using  detailed  design  doc¬ 
uments,  object  models  and  data 
flow  diagrams  including  data 
structure,  algorithm  and  proce¬ 
dure  flow.  Requirements: 
Master  degree  in  one  of  the  fol¬ 
lowing:  Computer  Science/ 
Engineering,  Mathematics, 
Computational  Science  or  relat¬ 
ed  area  and  two  years  experi¬ 
ence  in  the  job  offered  or  a  Ph.  D 
degree  and  six  months  experi¬ 
ence.  Wages  Offered:  $185,000 
per  year.  Hours:  40  hrs  per 
week:  Monday  to  Friday,  9:00am 
to  6:00pm.  Send  resume  to 
Workforce  Program  Support, 
P.O.  Box  10869,  Tallahassee.  FL 
32302-0869,  Att:  EH.,  Job  Order 
FL-2526398 


Stanford  Technology  Partners 
Inc.  is  an  IT  consulting  company 
with  its  clients  across  the  USA. 
We  seek  a  Peoplesoft  EPM 
Functional  Consultant.  Duties 
include  reporting  tool  selection; 
Identifying  legacy  system  report¬ 
ing  &  architecture;  conceptual 
sizing  of  hardware  configurations 
for  Peoplesoft  reporting  tools; 
creating  conceptual  design  docs; 
assisting  staff  on  docs,  identify¬ 
ing  gaps  in  source  system,  pre¬ 
sent  EPM  module  to  mgmt  and 
team  members  for  review  and 
implantation.  Job  is  located  in 
Tallassee,  Florida  or  unanticipat¬ 
ed  locations  throughout  the  USA. 
If  interested,  please  send  resu¬ 
me  to:  STPI,  289  Boston  Tpke  #6 
Shrewsbury.  MA  01545  e-mail: 


R  Systems,  Inc.  is  a  global  infor¬ 
mation  technology  services 
company  and  it  has  multiple  Job 
openings  for  the  following  posi¬ 
tions  at  its  corporate  office  in 
Sacramento  as  well  as  Project 
sites  throughout  the 
United  States: 

•  Applications  Programmer 

•  Database  Analyst 

•  Software  Engineers 

•  Systems  Analyst 

•  Network  Analyst 

•  IT  Project  Managers 

•  Business  Analyst 

•  Sales  Engineer 

•  Programmer  Analyst 

•  Sales  Manager 

•  Database  Administrators 

•  Market  Research  Analyst 

Minimum  requirement:  Bach¬ 
elor’s  degree  or  equivalent  and 
one  year  experience  in  the  job 
offered.  All  positions  may  involve 
relocation  to  project  sites. 

Submit  detailed  resume  and 
position  applied  for  to: 

Attn:  Venkatesh  Sundararajan 
5000  Windplay  Drive  Suite  5 
El  Dorado  Hills,  CA  95762 


Programmer  Analyst,  auto 
parts  export.  Evaluate  user 
req  &  implement  specialized 
computer  programs,  inc  inven¬ 
tory,  US  &  export,  customs  & 
fiscal  req,  SBT  accounting 
system  in  visual  fox  pro  lan¬ 
guage.  warranty/defect  con¬ 
trol,  &  pricing/cost  analysis/ 
availability.  M-F  9-5  $51,000 
yr.  Bachelor  in  computer  field 
or -equiv  ed  &  exp  &  2  yrs  exp. 
Resume  to  Workforce  Pro¬ 
gram  Support,  PO  Box  10869, 
Tallahassee,  FL  32302-0869. 
Re:  Job  Order  #FL2544978. 


NW062304E/MW‘W  1 


Computerworld  •  InfoWorld  •  Network  World  •  August  23,  2004 


careers 


it  careers.com 


IT  PROFESSIONALS 
Senior  Consultant 

(Glen  Mills.  PA  and  other  locations  throughout  the  United  States).  Provide 
professional  consulting  services  in  the  areas  of  business  process  trans¬ 
formation  and  implementation  of  integrated  software  solutions  to  meet 
evolving  business  needs.  Review  and  analyze  client  business  process 
requirements,  determine  optimal  integration  of  business  process  engi- 
ncenng  and  emerging  information  technologies,  and  propose  strategic 
solutions  and  business  process  improvements  including  benchmarking 
ano  design  analysis  Lead  the  design  and  implementation  of  mySAP.com 
EBP  such  as  BugsEys/eMerge  Catalog  management  tools  including  SAP 
MM  (Materials  Management)  &  PP  (Production  Planning),  SAP  Business 
Warehouse  and  SAP  SD  (Sales  &  Distribution)  &  WM  (Warehouse 
Management),  to  provide  best-of-breed  functionality  built  for  complete 
integration,  industry-specific  capabilities,  unlimited  scalability,  and  easy 
collaboration  over  the  Internet.  Lead  the  implementation  of  mySAP.com 
middleware  technologies  such  as  SAP  Business  Connectors,  ALE 
(Application  Link  Enabling).  BAPI,  and  IDOC  to  provide  a  program  distri¬ 
bution  model  and  technology  that  enables  clients  to  interconnect  pro¬ 
grams  across  various  platforms  and  systems.  Implement  project  man¬ 
agement  tools  and  create  and  apply  solution  specific  methodologies  to 
ensure  that  the  delivery  and  implementation  of  software  solutions  meets 
client  requirements  and  industry  standards. 

$1 03,000/year.  Mon-Fri  9:00am-5:00pm.  The  minimum  requirements  are 
as  follows:  Bachelor's  degree  or  equivalent  in  Computer  Science,  Engin¬ 
eering  (any),  or  Information  Systems  plus  4  years  of  experience  in  the  job 
offered  or  4  years  of  experience  as  a  Senior  Consultant,  SAP  Consultant, 
or  Executive.  Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a 
U  S.  Bachelor's  degree  as  determined  by  an  accredited  foreign  creden¬ 
tials  evaluation  service.  Related  experience  must  also  include  2  years  of 
mySAP.com  EBP,  SAP  MM  (Materials  Management)  &  PP  (Production 
Planning),  SAP  Business  Warehouse,  SAP  SD  (Sales  &  Distribution)  & 
WM  (Warehouse  Management),  mySAP.com  middleware  technologies  & 
project  management  tools. 

Please  send  your  resume,  referencing  Job  Order  Number  WEB444883  to 
the  PA  CareerLink,  FLC  Unit,  235  W.  Chelten  Avenue,  Philadelphia,  PA 
19144.  EOE. 


QA  Engineer  Req  #608Design 
and  develop  Dynamics  quality 
assurance  test  applications  us¬ 
ing  4GL,  ADM2,  Dynamics  Tools 
and  distributed  computing  tech¬ 
nologies.  Install  and  configure 
applications  in  both  Windows 
and  Sun  operating  systems. 
Assist  technical  support  person¬ 
nel  with  product  issues;  validate 
product  defects  and  report  using 
internal  defect  tracking  system. 
Must  have  B.S.  in  CS  +  5  yrs. 
exp.  or  M.S.  +  6  mos.  exp.  in 
software  development.  Must 
have  knowledge  of  Java,  XML, 
OOP,  RDBMS.  PROGRESS 
4GL,  ADM  Tools  and  Dynamics. 
Interested  applicants  should 
submit  resume  to  S.  Fernandois, 
Progress  Software  Corp.  14  Oak 
Park,  Bedford,  MA  01730  - 
Equal  Opportunity  Employer. 
For  immediate  consideration, 
please  visit  our  career  page  at 
http://careers.peopleclick.com/ 
Client40_ProgressSoftware/ 
BUI /External_Pages_PSC/Job 
search.htm  and  apply  online,  re¬ 
ferring  to  the  requisition  #  for  the 
position  for  which  you  are  apply¬ 
ing. 

Jr.  Programmer  Analyst.  Assist 
P.A.  in  researching,  designing 
and  developing  s/w  for  integrat¬ 
ed  Business-to-Business  proto¬ 
col  interfaces  using  middleware 
SeeBeyond  e*Gate  integrator 
suite  and  diverse  sys.  w/in  an 
enterprise  using  message  based 
brokering  s/w.  Test  s/w  on  ALX 
servers  and  fine  tune  app.  using 
various  UNIX  memory  mgmt. 
tools.Assist  in  creating  and  ana¬ 
lyzing  data  back  up  scripts  and 
in  UNIX.  Assist  in  bldg,  real  time 
and  batch  mode  J2EE  comp, 
app.  using  J2EE  technologies 
such  as  servlets,  JSPs,  JMS, 
JNDI,  and  JDBC  and  app. 
servers,  which  include  IBM 
Websphere,  BEA  Weblogic  and 
Apache  Tomcat.  Req:  BS  in 
comp.  Info.  Sys.,  comp.  Sci.,  or 
related  area.  40hrs/wk. 

Job/Interview  Site:  Des  Moines, 
IA.  Send  resumet  to  Chuck 
Gutta,  Emprise  Consulting  LLC 
@  2915  Redhill  Ave.  #  F202, 
Costa  Mesa,  CA  92626. 

Jr.  Programmer  Analyst.  Assist 
P.A.  in  researching,  designing 
and  developing  s/w  for  various 
business  problems  using  J2EE 
and  object-oriented  design  prin¬ 
ciples  and  technologies  incl. 
UML  and  Waterfall  models,  and 
RUP  process.  Assist  in  testing 
s/w  solutions  using  Java,  J2EE, 
JSP,  Struts,  Servlets,  Swing  on 
Unix  and  windows  NT.  Assist  in 
developing  s/w  for  SQL  Queries 
and  stored  procedures  on  SQL 
Server  and  Oracle.  Provide  test 
cases  and  other  doc.  in  CMM  5 
standards.  Req:  BS  in  comp. 
Sci.,  Comp.  Eng.,  or  Elect.  Eng. 
40hrs/wk.  Job/Interview  Site:  De 
Moines,  IA.  Send  Resumes  to 
Emprise  Consulting  LLC,  Attn: 
Chuck  Gutta,  2915  Redhill  Ave., 
#  F202,  Costa  Mesa.  CA  92626. 

Seeking  qualified  applicants  for 
the  following  positions  in  Collier¬ 
ville.  TN:  Senior  Proier.t/Prncess 

Analvst.  Perform  nroiect  nlan- 
ning  and  analysis  and  provide 
project  leadership  for  IT  pro¬ 
jects,  processes  and/or  on-going 
programs.  Requirements:  Ba¬ 
chelor's  degree  or  equivalent*  in 
business,  computer  science, 
MIS  or  related  field  plus  5  years 
of  experience  in  planning,  pro¬ 
ject  management  or  process 
analysis  of  IT  projects.  Experi¬ 
ence  with:  either  SQL,  ASP  or 
CSP;  either  Crystal  Reports  or 
Crystal  Enterprises;  and  Win¬ 
dows  2000  Server  also  required. 
‘Master's  degree  in  appropriate 
field  will  offset  2  years  of  gener¬ 
al  experience.  Submit  resumes 
to  Roger  Wright,  FedEx  Corpor¬ 
ate  Services,  80  FedEx  Park¬ 
way,  Room  108,  Collierville,  TN 
38017.  EOE  M/F/DA/. 

Principal  Software  Engineer:  Pri¬ 
mary  responsibility  for  the  devel¬ 
opment  of  networking  software. 
Responsible  for  functional  spec 
dev,  arch  design,  implementa¬ 
tion  and  verification.  MS  or  for¬ 
eign  equiv.  in  EE  or  CS  plus  5  yr. 
exp.  that  must  include  3  yr.  with 
one  or  more  network  protocols 
including  IP,  TCP,  ARP,  DHCP, 
DNS,  SNMP, and  firewall.  .  Must 
be  familiar  with  IP  QOS  proto¬ 
cols  and  RFCs.  Must  have  dev¬ 
elopment  exp.  with  Linux,  and  in 
C/C++.  Please  send  resume  to 
Ucenthc  Systems,  2  Clock  Tow¬ 
er  Place,  Suite  550,  Maynard, 
MA  01754,  Attn  to  Pat  Riley. 

Business  Analysts  to  gather,  an¬ 
alyze,  document,  propose  sys¬ 
tems  solutions;  lead  JAD  sess¬ 
ions  to  analyze,  define  user  busi¬ 
ness  reqs,  process  descriptions, 
use  cases,  scenarios  using  ratio¬ 
nal  rose,  visio  etc.;  re-engineer 
business  processes/procedures, 
define/document  data  models 
using  SSAD,  OOAD,  RUP  meth¬ 
odologies;  analyze  system  per¬ 
formance  to  understand  excep¬ 
tions,  anomalies,  problem  areas; 
provide  direction/assist  project 
teams;  Require  Bachelors  in 
Business/Mgmt/CS/Engineering 
with  2  yrs  or  related  exp.  Compe¬ 
titive  salary.  Travel  involved.  F/T. 
Resume  to:  HR,  Bahwan 
Cybertek  Technologies,  Inc.,  209 
West  Central  Street,  Ste  312, 
Natick,  MA  01760. 

The  World 
Of  Work  Is 


Changing 


Luckily, 


We  Are  Too! 

itcareers.com  is  now 
powered  by 
CareerJournal.com! 

Search  for  jobs  and  post 
your  resume  here  on 
www. itcareers.com 
or  call  (800)  762-2977 
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SOFTWARE  ENGNR,  APPLNS 


IT  Careers 
Wants  You! 

Take  the  hassle  out  of 

job  searching  and 

check  us  out  at 

www.itcareers.com. 

Today,  more  than  ever, 
the  right  skills  fuel  the 
new  economy  and  IT 
Careers  wants  you  to  be 

there.  Check  us  out  at: 

www.itcareers.com 


Dvlp,  create  &  modify  web- 
based  computer  work  sys.  fol¬ 
lowing  a  life-cycle  full  dvlpmnt 
protocol.  Dsgn  customized 
applns  to  optimize  operational 
efficiency.  Analyze  &  dsgn  appln 
dbases  BS  in  Comp.  Sci., 
Electrical  or  Electronics  Engnrg 
reqd  +  3  yrs  exp.  in  position 
offered  or  as  a  Software  Engnr 
or  Prog.  Analyst.  Exp.  must  incl. 
Microsoft.net  tool  technologies 
like  ASP.net,  C#,  VB.net,  SQL 
Server  2000,  XMl/XSL  utilizing 
IIS  &  component  dsgn  &  dvlpm¬ 
nt  using  Visual  Basic/C++,  40 
hrs/wk,  8am  -  5pm,  OT  as  reqd, 
$66,730/yr.  Submit  resumes  to: 
Mon  Valley  Regional  Career- 
Link,  Attn:  Actg.  CL  Program 
Supervisor,  Donora  Industrial 
Park,  570  Galiffa  Drive,  Donora, 
PA  15033.  Refer  to  Job  Order 
No.  445142. 


Senior  Programmer  Analysts  to 
lead  teams  to  analyze,  design, 
develop,  implement  appls  using 
SAP,  C,  J2EE,  JSP,  RMI,  Web¬ 
sphere,  Weblogic.  and  EAI  tools 
like  Mercator,  Sybase,  Vitria, 
Webmethods,  etc  under  Win¬ 
dows/Unix  OS;  responsible  for 
data  modeling,  gap  analysis, 
etc;  involve  in  system/business 
analysis;  develop  functional 
specs  based  on  business  reqs; 
design,  develop  interfaces  and 
perform  integration  of  various 
modules;  test  team  members/ 
train  end  users.  Require:  BS  or 
foreign  equiv  in  CS/Engg.  (any 
branch)  &  3  yrs  exp  in  the  IT 
field.  Travel  involved.  F/T  posi¬ 
tion.  competitive  salary.  Resume 
to:  HR,  Koneru  Software 
Services,  333  Swanson  Dr.,  Ste 
124,  Lawrenceville,  GA  30043. 


Multiple  openings  for  Program¬ 
mer/Systems  Analysts,  Software 
Engineers:  Must  have  BS  in 
Com  Sci  or  rel  field  plus  2  yrs 
exp  in  requirement  analysis,  De¬ 
sign  and  development,  resolving 
the  technical  issues  W/exp  in 
two  or  more  of  the  following 
skills:  Oracle  Applications  (GL, 
AP,  AR,  FA.  PO,  INV,  OM,  CM. 
BOM  modules  ver  11/11i)  Oracle 
Reports,  forms,  Discoverer. 
Unix,  Solaris,  C/C++,  JAVA, 
XML,  PeopleSoft,  Cognos,  Win/ 
Load  Runner,  DB2,  PLSQL,  MS- 
SQL,  Sybase,  PB,  VB,  ASP,  .net 
&  Windows.  Resumes  to  Z3 
Technologies  Inc.,  11400  W 
Bluemound  Rd,  Wauwatosa,  Wl 
53226. 

emails:  resumes@z3tech.com 


Programmer  Analyst:  program, 
implement,  edit,  and  maintain 
user  application  programs. 
Trouble-shoot,  compile  and  doc¬ 
ument  program  development. 
Req.  Bachelor's  degree  or  for¬ 
eign  equivalent  (based  on  edu¬ 
cation  or  work  experience,  or 
both)  in  CS,  CE,  Electrical  & 
Electronic  Engineering,  MIS, 
ME.  Electronic  and  Comm¬ 
unication  Engineering  or  related 
field  with  proficiency  in  either 
Baan,  Oracle  Financial  ERP, 
Java/Weblogic/Websphere, 
Informatica,  Siebel  or  C++/ 
Corba.  40hr/wk,  9:00  a.m.-  5:00 
p.m.  Send  resume  to  Visionsoft 
International,  Inc.,  1842  Old 
Norcross  Road,  Suite#  100 
Lawrenceville,  GA  30044 


Need  IT  Professionals  like 
Software  Engineers,  Program¬ 
mer  Analysts,  IT  Business 
Managers  for  company  based 
in  Bristol,  PA.  MS/BS  Degree 
or  equivalent  in  C.S,  CIS,  MIS, 
Engg  (any),  Math,  Phy.  /  rel 
field  and/or  rel.  work  exp.  All 
positions  may  involve  travel 
&/or  relocation  to  project  sites 
throughout  the  U.S.  Mail 
resumes  to  HR  at  Systems 
People,  Inc.,  1200  New 
Rodgers  Road,  C  7B,  Bristol, 
PA  19007.  State  the  post 
applied  for. 


"SUCCES 


join  the  $300  BILLION 

COMPUTER  SERVICE  OUSINESS. 


Find  out  how  you  can  invest  in  one  of 
Entrepreneur  Magazine  s  “HOT  100 
Franchises”,  and  in  a  Franchise  Times 
FAST  55”  company.  Single,  Multi-Units 
and  Area  Development 
Opportunities  are  now  available. 
For  more  information  call 


or  visit  us  at  ^7) 

geeksoncall.com 


©Geeks  On  Call  America,  Inc. 


Database  Consultant/Software 
Engineer  to  sen/e  as  senior  con¬ 
sultant  to  provide  strategic  tech, 
leadership  for  data  architecture 
across  Co's  systems  &  market 
data  services.  Will  initiate,  plan 
&  implement  complex  database 
development  projects,  providing 
direction  for  DBMS  operational 
&  warehousing  methods  &  tools; 
research  DBMS  technology;  rec¬ 
ommend  changes  in  project 
development  methods  &  strate¬ 
gies  to  architects  &  manage¬ 
ment.  Requires  Bachelor's  or 
equiv  in  C.Sc.,  Engineering, 
Math,  or  Physics  plus  6  yrs  ex- 
per  in  job  offered,  OR  6  years  in 
Database  Administration;  Alter¬ 
natively,  will  accept  No  degree 
plus  8  yrs  of  exper  in  job  offered, 
OR  8  yrs  in  Database  Adminis¬ 
tration.  Candidate  must  also 
possess  demonstrated  expertise 
in  DB2  administration,  incl. 
UDB,  AIX,  and  SOLARIS,  and 
UDB  replication  in  a  zero  latency 
environment;  demonstrated  ex¬ 
pertise  in  ORACLE  administra¬ 
tion,  including  PL/SQL  program¬ 
ming,  performance  tuning  & 
optimization;  and  demonstrated 
expertise  in  strategic  data  archi¬ 
tecture,  including  actuate  report¬ 
ing,  ETL  tools  &  operational  data 
storage  analysis.  Sal:  $94,750/ 
yr,  M-F,  9A-5P.  Send  2  resumes 
to  Job  Order  #2004-226,  P.O. 
Box  989,  Concord,  NH  03302- 
0989.  EOE.  Applicants  must  be 
U.S.  workers  eligible  to  accept 
full-time  U.S.  employment. 


IndusValley  Consultants,  Inc.,  is 
a  global  IT  systems  integration 
and  solutions  firm  has  openings 
for  the  following:  Software  Engin¬ 
eers:  Research,  Architect,  Inte¬ 
grate  distributed  applications  uti¬ 
lizing  various  software’s  such  as 
SAP  R/3,  Clarify,  Siebel,  Oracle 
Apps.  Visual  Basic,  Java,  Tibco. 
Provide  leadership  to  complete 
design  solutions,  write  code,  per¬ 
form  testing,  provide  documenta¬ 
tion,  and  implement  develop¬ 
ment  projects.  Need  Master's 
Degree  in  Computer  Science  or 
related  and  2  years  of  experi¬ 
ence.  Programmer  Analysts: 
Plan,  test  and  develop  web  appli¬ 
cations  for  ERP  and,  CRM  pack¬ 
ages.  Design  and  develop  client- 
server  applications  using  Java, 
ASP,  VB,  C.  Clarify,  Siebel  and 
AutoCAD2002.  Interact  with  cli¬ 
ents  to  design  the  functions  of 
software  according  to  client  spe¬ 
cifications.  Need  Bachelor's  De¬ 
gree  in  Computer  Science  or 
related  and  2  years  of  experi¬ 
ence.  Send  resume:  HR  Mana¬ 
ger:  401  E.  8th  St..  Ste.  #  200Y, 
Sioux  Falls,  SD  57103. 

E-mail:  sam@lndusvalley.com 
fax:  800-440-1907. 


IT  PROFESSIONALS 

Senior  Consultant/Technology 
Solutions 

(Glen  Mills,  Pennsylvania  and 
other  locations  throughout  the 
U.S.).  Design  and  implement 
leading  business  application  sof¬ 
tware  to  provide  solutions  for  cli¬ 
ents  focusing  in  the  manufactur¬ 
ing  and  consumer  business  ind¬ 
ustries.  Engage  in  design  and 
implementation  of  process  and 
technology  solutions  for  supply 
chain  optimization,  production 
planning  and  scheduling,  quality 
management,  business  to  busi¬ 
ness,  customer  management 
and  business  intelligence.  Scope 
and  plan  functional  requirements 
along  with  design,  development, 
customization  and  implementa¬ 
tion  of  applications  using  SAP  R / 
3,  SAP  Business  Intelligence  and 
SAP  Industry  Solutions  and  cus¬ 
tomization  of  supply  chain  opti¬ 
mization  using  i2  technologies. 

Salary  $77,126  per  year.  Mon- 
Fri,  9:00  am  to  5:00  pm.  The  pos¬ 
ition  requires:  Bachelor's  degree 
in  Computer  Science,  Computer 
Engineering,  IS,  MIS  or  related  + 
2  years  of  experience  in  the  job 
offered  or  2  years  of  experience 
as  Technical  Consultant,  EPR  In¬ 
tegration  Engineer,  SAP  Produc¬ 
tion  Engineer  or  related  occupa¬ 
tion.  Related  experience  must 
include  utilization  of  configura¬ 
tion,  development  and  business 
technical  data  warehousing  skills 
and  include  SAP  R/3,  SAP  Busi¬ 
ness  Intelligence,  SAP  Industry 
Solutions  and  i2  Technologies. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB444831  to  the:  PA  Career- 
link.  FLC  Unit,  235  W.  Chelten 
Avenue.  Philadelphia,  PA  19144. 
EOE. 


NovaSoft  Information  Tech¬ 
nology  Corp.,  a  sftwr  consulting 
firm  &  web  development  co.,  is 
seeking  a  Programmer  Analyst 
to  work  in  the  Minneapolis  area 
who  will  be  respons.  for  dsgn, 
dvlpmnt  &  implem.  of  client/serv¬ 
er  appl,  sftwr  using  current  IT 
skills.  AS  in  Comp.  &  Info  Sci., 
Chemistry,  Math,  Busns  or 
Engrg  &  2  yrs  exp.  as  Prog. 
Analyst,  Sftwr  Engr,  Sftwr 
Consultant  or  Proj.  Mgr  rqd. 
Must  have  2  yrs  exp.  w / 
Arcnet/Ethernet  protocols, 
CSMA /  CD  protocols,  WAN 
solutions  (PC  Connect  & 
Netware),  TCP/IP,  Win  NT  & 
IPX/SPX,  &  2  yrs  exp  w/user  & 
busns  requirements  analysis. 
Excel,  salary/benefits  pkg.  Send 
resumes  to:  NovaSoft  Infor¬ 
mation  Technology  Corp.,  ATTN: 
HR  Dept.,  8400  Normandale 
Lake  Blvd,  Ste  920, 
Bloomington,  MN  55437. 


Vensai  Technologies  has  the  fol¬ 
lowing  openings  for  individuals 
to  work  at  client  sites  throughout 
the  U.S.:  Application  Developer 
with  exp  in  EDI,  Java, 
Websphere,  DB2.  Mercator; 
DBA  with  exp  in  DB2,  Oracle, 
Solaris,  Siebel  and  Decision 
Support  Products;  System 
Analyst  with  exp  building  n-tier 
static/web  applications,  Cold 
Fusion.  CFMX,  HTML,  Java¬ 
Script,  CSS,  Oracle,  SQL; 
System  Programmer  with  exp  in 
DB2  stored  procedures,  C,  C++, 
Cobol,  Java,  MVS  Internals, 
JES2,  OS;  System  Analyst  with 
exp  in  C,  Peoplesoft,  RTOS, 
pSOS/vxWorks,  Texas  Instru- 
-ments,  DAC's  and  ADC's; 
Software  Engineer  with  exp  in 
Clarify  modules,  Java,  EJB, 
JSP,  Weblogic.  Oracle,  J2EE, 
MQ  Series,  Tuxedo,  Rational 
Rose,  ClearQuest,  Clear  Case; 
PeopleSoft  Java  Programmer 
with  exp  in  Peoplesoft,  Java, 
Oracle,  Discoverer,  Developer; 
Client  Server  Software  Engineer 
with  exp  in  eCRM  packages, 
Siebel,  Vantive  and  Onyx.  ETL 
Programmer  Analyst  with  exp  in 
ETL  tools  in  large  scale  Data 
Warehousing  Projects,  SQL, 
Oracle,  DB2,  Solaris  and 
Rational  Tools.  All  applicants 
must  have  B.S.  in  Computer 
Science,  Engineering  or  relat¬ 
ed.  Apply  to:  Vensai  Techn¬ 
ologies,  20  Trafalgar  Square, 
Suite  400,  Nashua,  NH  03063. 


IT  Professionals,  exp'd,  sought 
by  a  Software  Consulting  Co.,  in 
any  of  following  areas  (i)  J2EE 
Architecture,  weblogic  or  iplanet, 
JavaScript  &  XMUXSLT  (ii) 
Oracle  Forms,  Reportwriter  & 
Database  Dsgn  (iii)  Lotus  Notes, 
SDLC,  PVCS  VM,  Tracker  rela¬ 
tional  d/bases  &  IBM  MQ  Series 
(iv)  Datawarehousing  applies 
using  Informatica,  Powercenter, 
Powerconnect,  Cognos  Report- 
net  &  Metrics/Framework  &  (v) 
C,  C++,  ASP.  VSS,  SQL  Server, 
XML  &  Net.  BS  in  Comp  Sci, 
Eng.  or  related  field.  Applicants 
must  be  willing  to  relocate/travel 
to  various  unanticipated  Iocs 
throughout  US.  Resume  to 
DatamanUSA,  Attn.  HR.  31 5A 
West  Lincoln  Way,  Ste  15, 
Cheyenne,  WY  82001  or  email 
to  jobs_wy@datamanusa.com 
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IT  PROFESSIONALS 
Senior  Consultant 

iGlen  Mills,  PA  and  other  locations  throughout  the  United  States).  Respo¬ 
nsible  for  Siebel  software  development  tasks  associated  with  the  design 
and  development  for  customization  of  Siebel  applications.  Develop  Siebel 
objects  including  creation  of  business  components,  business  objects, 
applets,  views  and  screens.  Develop  Siebel  Enterprise  integration  objects 
enabling  Siebel  to  integrate  with  other  systems  including  SAP  and  Oracle 
utilizing  Siebel  Enterprise  Integration  modules.  Create  integration  objects, 
workflow  processes  and  data  mappers  and  develop  business  services  to 
incorporate  the  required  logics.  Test  workflows  and  utilize  various  Siebel 
connectors  and  adapters  enabling  Siebel  to  communicate  with  middle¬ 
ware  technologies  and  other  applications.  Utilize  Siebel  Enterprise  Integ¬ 
ration  Manager  to  load  data  into  Siebel  from  other  legacy  or  source  sys¬ 
tems  Prepare  data  sheets  as  per  table  requirements,  write  control  files, 
run  SQL  loader  scripts  to  load  data  in  the  interface  tables  and  create  serv¬ 
er  ;asks  to  run  the  Enterprise  Integration  Manager  process.  Develop  strat¬ 
egy  documents  for  proposed  technical  solutions,  design  deliverables, 
develop  documents,  and  write  test  scripts  and  test  plans.  Responsible  for 
the  scoping  and  mapping  of  operational  reporting  requirements  to  Actuate 
S;ebel  reports  with  report  parameters/tilters,  and  design  the  Actuate  Sieb¬ 
el  reports  Lead  data  integration,  and  oversee  data  conversion  and  appli¬ 
cation  configuration  efforts  including  leading  a  team  of  Siebel  developers. 
Perform  the  analysis  of  existing  business  and  system  use  cases  and  re¬ 
quirements  documentation  Perform  accurate  analysis  and  effective  diag¬ 
nosis  of  client  issues  and  oversee  day-to-day  client  relationships  on  client 
engagements.  Implement  project  management  tools  and  create  and  ap- 
piy  solution  specific  methodologies  to  ensure  that  the  delivery  and  imple¬ 
mentation  of  software  solutions  meets  client  requirements  and  industry 
standards. 

$82,650/year.  Mon-Fri  9:00am-5:00pm.  The  minimum  requirements  are 
as  follows:  Bachelor's  degree  or  equivalent  in  Computer  Science,  Engin¬ 
eering  (any),  Information  Systems,  Mathematics,  or  Business  Administra¬ 
tion  plus  5  years  of  experience  in  the  job  offered  or  5  years  of  experience 
as  a  Senior  Consultant,  Consultant,  or  Software  Engineer.  Employer  will 
regard  a  foreign  degree  to  be  equivalent  to  a  U.S.  Bachelor's  degree  as 
determined  by  an  accredited  foreign  credentials  evaluation  service.  Relat¬ 
ed  experience  must  also  include  at  least  1  year  of  Siebel  application  de¬ 
velopment,  Siebel  enterprise  integration  development,  utilization  of  Siebel 
Enterprise  Integration  Manager,  integration  of  Siebel  with  other  applica¬ 
tions  including  SAP  or  Oracle  and  development  of  Actuate  Siebel  reports. 
Please  send  your  resume,  referencing  Job  Order  Number  WEB444901  to 
the:  PA  CareerLink,  FLC  Unit,  235  W.  Chelten  Avenue,  Philadelphia,  PA 
19144.  EOE. 


Sage  IT  is  looking  for  IT  profes¬ 
sionals  to  develop  applications 
using  Cognos  Impromptu, 
PowerPlay,  ReportNet,  SQL, 
Oracle,  Tera  data  (NCR),  Sybase. 
Esbase,  DB2,  Red  Bricks, 
Informatica,  Data  Stage,  Ab  Initio. 
Web  Logic/Sphere,  JSP,  ASP. 
Min.  BS  w/  exp.  Please  contact 
info@sageitinc.com.  EOE 

Global  Consulting  is  looking  for 
programmer/system  analysts, 
software  engineers.  Candidate 
must  have  BS  with  IT  experience. 
Good  skills  in  C/C++.  Java, 
Oracle,  EJB,  J2BB,  WebLogic, 
VB,  HTML  are  plus.  Traveling  is 
required  for  some  positions. 
Apply  job@g-c-g.net  EOE.  No 
calls. 


Systems  Analyst  sought  by  large 
employer  in  Electronic  Print 
Svcs  Industry.  Reqs  BS  in  Engg, 
CS  or  MIS.  Min.  2  yrs  IS  exp  in  a 
high  speed  digital  print  technolo¬ 
gy  envrmt  &  using  document 
print/print  image  formats  incl 
Xerox  Meta/code  &  DJDE,  IBM 
AFP,  Adobe  PDF,  fonts,  bar¬ 
codes,  font  edit  tools,  document 
dsgn  tools.  Min.  2  yrs  exp  using 
Process  Automation  on  multiple 
platforms  (IBM  MVS,  Window, 
Unix,  HS  Printers).  Min.  2  yrs 
exp  W/VC++,  VB,  MS  Access. 
SQL,  MicroTech,  IMR  Alchemy, 
Elixir  &  CompuSet.  M-F  8-5. 
Respond  to  Scott  Erickson,  HR 
Mgr,  Moore  Wallace,  Business 
Communication  Svcs,  630  W. 
1000  North,  Logan,  UT  84321. 


Enterprise  Business  Solutions, 
Inc.  EBS,  Inc.  has  several  per¬ 
manent  positions  open  for 
Software  Developers,  Comput¬ 
er  Programmers,  Software  En¬ 
gineers,  Systems  Analysts, 
Quality  Assurance  Engineers, 
Programmer  Analysts,  GUI 
Programmers  and  Technical 
Recruiters  with  strong  skills  in 
several  of  the  following:  • 
Informix,  Sybase,  Oracle,  DB2 
•Powerbuilder/VB/VC++/C/ 
C++  /Java  •  Windows  NT/  Unix 
Admin  •  Mainframe/Cobol/ 
CICS/AS400/RPG  •  People- 
Soft,  People  Tools,  SQR, 
Oracle  •  Testing/Winrunner/ 
Silk/Rational/QA  Run  •  COR- 
BA/COM/DCOM  •  HTML/ ASP/ 
JSP  •  SAP  R/3,  ABAP  4,  MM, 
SD,  FI,  EDI.  ALE.  Full  time 
positions  among  our  offices 
and  client  sites  on  an  ongoing 
basis.  Please  send  resumes 
to:  Enterprise  Business 

Solutions,  Inc.,  1329  West 
Irving  Park  Rd.,  Suite  301, 
Bensenville,  IL  60106.  An  EOE 


MagnaQuest,  Inc. 

Programmer  Analysts:  Design, 
develop  and  test  Internet  based 
programs  for  EBPP  packages, 
Electronic  Billing  Presentation 
and  Payment.  Design  client- 
server  applications  using  JAVA, 
EJB,  NetDynamics  and  Oracle. 
Interact  with  clients  to  design 
the  functions  of  software  ac¬ 
cording  to  client  specifications 
using  Unix,  C++,  Corba,  XML, 
UML,  WEBLOGIC  7,  testing 
tools.  Req.  Bachelor's  degree 
in  Computer  Science  or  Engg. 
and  1  year  of  exp.  Send 
resume  to:  HR,  MagnaQuest, 
Inc.,  16219  S.  31st  Way, 
Phoenix,  AZ  85048.  E-mail: 
mqusa@magnaquest.net. 


System/Programmer  analysts, 
IT  engineers  needed  by  E  IT 
professionals,  Inc.  to  design 
system  applications  to  meet 
client's  requirements  using 
Java.  Oracle,  VB,  Web  Tech, 
Unix.  SQL,  SAP.  JSP,  J2EE,  MS 
Tech,  etc.  BS/MS  with  IT  exp 
required.  Contact 
pete@itprofs.net.  EOE.  No  calls. 

OTS  (Object  Tech  Solutions) 
has  multiple  openings  for  IT  pro¬ 
fessionals  (software  engineers, 
system/program  analysts,  DBA, 
etc)  to  design  and  develop  appli¬ 
cations  using  various  skills  such 
as  VB  Oracle,  Java, 
WebSphere.  SQL,  SAP.  Req 
MS/BS  with  exp.  Contact 
resumes@otsi-usa.com.  EOE. 


Systems  Analyst  w/SCSA  need¬ 
ed  at  client  sites  to  dsgn,  dvlp, 
code,  test,  debug,  modify  & 
implmt  prgms;  provide  Tier  3 
support  of  Web,  Mail,  DNS  & 
provisioning  Internet  services; 
dsgn  &  implmt  high-availabLe 
Unix  systms;  tools  inch  JDK, 
Perl  CGI.  HTML,  Veritas  Volume 
Manager  &  Cluster  Server,  Net- 
backup,  Checkpoint  Firewall, 
Cisco  Routers,  Foundry  Switch¬ 
es,  TCP/IP  networks,  Sun  E420, 
SunE250,  Solaris,  RedHat, 
Oracle,  Sun  StorEdge  A5200, 
NETApp  F760,  DNS,  NIS  & 
NFS.  Apply  to:  Global  Consult¬ 
ants.  Attn:  Hireme,  25  Airport 
Rd,  Morristown,  NJ  07960. 


Computer  Programmers  need¬ 
ed.  Seeking  qual.  candidates 
possessing  BS  or  equiv.  and/or 
rel.  work  exp.  Part  of  the  req.  rel. 
work  exp.  must  include  2  yrs 
working  w /  Java  and  XML  and  1 
year  working  with  .Net;  experi¬ 
ence  can  be  simultaneous. 
Duties  include:  Develop  &  write 
programs;  Configure  HW/SW; 
Analyze  &  implement  remote 
control  of  Software  packages. 
Work  with  Java,  SQL,  Linux, 
NET,  &  XML.  Send  res.,  ref.  & 
sal.  req.  to  Applianz 
Technologies.  322  S.  Mosley, 
Wichita,  KS  67202. 


Systems  Administrators  to  plan, 
design,  install,  maintain  and  ad¬ 
minister  LAN/WAN  networks;  in¬ 
stall,  configure,  administer  Win¬ 
dows  NT,  IIS  &  SQL  Servers; 
maintain  backups  and  provide 
support  for  users;  create,  main¬ 
tain  user  accounts;  manage 
communication  systems  includ¬ 
ing  Mail  servers;  evaluate  new / 
existing  systems,  recommend 
future  IT  strategies.  Require:  BS 
of  foreign  equiv.  in  CS/ 
Engg. (any  branch)/Buss.  with  2 
yrs  exp.  in  Sys  Admin./Sys. 
Mgmt.  F/T.  Travel  Involved.  High 
Salary.  Resumes  to:  HR,  Fourth 
Technologies,  Inc.,  585  Tollgate 
Road.  Ste  I,  Elgin,  IL  60123. 


eToys  Direct  seeks  applicants 
for  the  position  of  Web 
Applications  Developer  in 
Denver,  CO  to  design  and  devel¬ 
op  custom  web-based  software 
applications.  Requirements 
include  bachelor's  in  computer 
science  or  related  field  and 
experience  in  designing  and 
developing  web-based  applica¬ 
tions.  Requirements  also  include 
working  knowledge  of  TCL/TK, 
Expect  Programming  Language, 
Oracle  Development  and  Python 
Scripting  Language.  Respond 
by  resume  to  Gigi  Healy,  eToys 
Direct,  1099  18th  St.,  #1800, 
Denver,  CO  80202. 


Database  Aps  Engr  -  Design, 
develop,  &  impl.  RDBMS  util. 
SQL  &  multi-tiered  distributed 
apps  util.  VB,  ASP,  &  HTML/XML 
to  run  on  Windows  NT  o/s.  Prov¬ 
ide  on-site  info,  systems  consul¬ 
ting  to  corp.  clients  in  order  to 
maximize  info,  system  efficien¬ 
cy.  REQS:  MS  in  CS,  Math,  Phy¬ 
sics,  or  any  Engineering  discip¬ 
line,  +  2  yrs  of  exp  in  job  offered, 
or  2  yrs  of  exp  as  a  Database 
Admin,  or  Database  Design 
Analyst.  Salary:  $65,000  to 
$80,000,  DOE.  Incl.  benes,  40 
hrs/wk.  EOE.  Job  loc:  Various 
unanticipated  locations  through¬ 
out  U.S.  Apply  by  resume  only 
to:  Job  #005087982,  Workforce 
Development  Programs,  P.O. 
Box  46547, Denver,  CO  80202. 


Computer  Support  Special¬ 
ists  -  needed  for  various 
unanticipated  locations  in 
US  to  support  clients'  tech¬ 
nical  efforts  in  building  and 
configuring  computer  sys¬ 
tems,  performing  network 
admin  and  hardware  trou¬ 
bleshooting.  BS  in  Mech¬ 
anical/Electrical  Eng  reqd. 
40  hr/wk,  $20+/hr.  Send 
resume  w /  ad  to  Ms.  Shipe, 
OAO  Services,  2266  South 
Dobson  Rd,  #209,  Mesa, 
AZ  85202. 


Better  address?  Better  compensation? 
Better  training?  Better  get  in  here! 

www.itcareers.com 

Now  powered  by  CareerJournal.com 


Jr.  Programmer  Analyst.  Assist 
PA  in  researching,  designing 
and  developing  s/w  for  various 
business  problems  using  J2EE 
and  object  -  oriented  design 
principles  and  technologies  incl. 
UML  and  Waterfall  models  and 
RUP  process.  Assist  in  testing 
s/w  solutions  using  Java,  J2EE, 
JSP,  Struts,  Servelts,  Swing  on 
Unix  and  Windows  NT.  Assist  in 
developing  s/w  for  SQL  Queries 
and  stored  procedures  on  SQL 
Server  and  Oracle.  Provide  test 
cases  and  other  doc.  in  CMM  5 
standards.  Req  :  BS  in  Com. 
Sci.,  or  Comp.  Info.  Sys.  or 
Comp.  Eng.  40  hrs/wk. 
Job/Interview  site:  De  Moines, 
IA.  Send  resume  to  Emprise 
Consulting  LLC,  Attn  :  Chuck 
Gutta,  2915  Redhill  Ave.,  # 
F202,  Costa  Mesa,  CA  92626. 


Paradigm  Technologies  is  look¬ 
ing  for  program/system  analysts, 
DBA,  s/w  engineers.  Candidates 
must  have  BS/MS  with  experi¬ 
ence.  Good  skills  in  C/C++, 
Java,  Oracle,  WebLogic,  VB, 
HTML,  ERP  are  plus.  Traveling 
required  for  some  jobs.  Please 
apply  at  jobs@paradigmtek.com. 
EOE.  No  calls. 

Stryon,  a  leader  that  provides 
Software  Transformation 
Solutions,  looks  for  IT  profes¬ 
sionals  to  develop  our  own 
migration  products,  iNET  and 
iASP  &  our  bridging  middleware 
products,  iHUB  and  R-JAX. 
Must  have  BS/MS  with  IT  exp. 
Please  send  resumes  to 
contact@stryon.com.  EOE. 


I  want  an 
IT  professional 
skilled  in  the 
latest  innovative 
technologies 

The 

IT  Careers  Network 
will  focus  and  direct 
your  message  to  IT's 
most  impressive  audience 
—  the  experts  who  are 
helping  business  to 
succeed. 

Post  open  positions 
online  or  in  print. 

Call  (800)  762-2977 


A  Call  To  Action! 

Take  the  hassle  out  of 

searching  for  the  right 

candidate  and  contact  us 

at  (800)  762-2977. 

We  can  place  your 
message  in  front  of  2/3  of 
all  US  IT  professionals. 

Call  (800)  762-2977 

www.itcareers.com 
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Handing  off  security 


For  the  first  time,  the  Computer  Security  Institute/FBI 
Computer  Crime  and  Security  Survey  took  a  look  at 
whether  companies  are  outsourcing  security  functions. 
What  they  found: 

Number  of  companies  and  what  percentage  of  security  functions 
they  outsourced  in  2003: 
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Outsource 
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turn  to  outsourcing  because  they 
want  to  use  their  security  staff  to 
address  security  needs  for  e-com¬ 
merce  and  VPN  and  Web  applica¬ 
tions  —  the  let-the-good-guys-in 
sort  of  stuff  to  connect  with  cus¬ 
tomers.  partners  and  employees,” 
says  Kelly  Kavanagh,  a  principal 
analyst  at  Gartner. 

“The  routine  monitoring  and 
maintenance  of  firewalls  and 
monitoring  of  [intrusion-detec¬ 
tion  system]  traffic  for  alerts  are 
things  they’re  finding  have  a  great 
impact  on  their  staff  time  and  is 
something  they  can  give  to  some¬ 
body  who  does  that  24-7”  he  says. 

Since  the  beginning  of  the  year, 
clients  have  had  more  questions 
about  outsourcing  security  and 
more  are  on  the  brink  of  con¬ 
tracting  with  service  providers, 
Kavanagh  says,  adding  that  “the 
question  now  is  ‘who,’  not 
‘whether’  or ‘if.’” 

Still,  analysts  note  that  the  move 
to  outsource  security  functions  is 
a  slow  one.  One  reason  is  that  the 
so-called  managed  security  ser¬ 
vice  provider  market  continues  to 
consolidate  —  Level  3  Commun¬ 
ications  acquired  Genuity  early 
last  year,  and  VeriSign  snapped  up 
Guardent  in  February  this  year  — 
leaving  some  enterprise  cus¬ 
tomers  wary  about  contracting 
with  a  firm  that  might  not  be 
around  in  a  few  months. 

Gartner  expects  consolidation 
to  continue  as  smaller  players 
band  together  to  compete  with 
larger  providers  and  those  large 


firms  seek  to  expand  their  secur¬ 
ity  expertise  through  acquisition. 

In  addition,  companies  for  a 
variety  of  reasons  are  still  reluc¬ 
tant  to  hand  off  security  functions 
to  outside  parties. 

Willis  Marti,  associate  director 
for  networking  for  computing 
and  information  services  at  Texas 
A&M  University  in  College  Sta¬ 
tion,  says  increasingly  complex 
security  needs  linked  to  prolifer¬ 
ating  viruses,  patch  management 
and  other  issues  actually  make 
him  more  likely  to  keep  security 
in-house. 

“The  more  complex  the  task,  the 
more  difficulty  in  structuring  an 
agreement  with  an  outside  party’ 
say  Marti, who  oversees  a  network 
that  connects  more  than  60,000 
users.“Security  has  to  be  provided 
in  the  context  of  business  opera¬ 
tions.  .  .  .  There  is  almost  no 
chance  we’ll  do  any  outsourcing 
of  security  functions.  Part  of  the 
reason  is  a  special  expertise  we 
have,  part  is  because  I’m  not 
aware  of  any  really  successful 
outsourcing,  and  part  is  the  close- 
to-unique  nature  of  a  major 
university’ 

John  Halamka,  CIO  of  Harvard 
Medical  School  and  CareGroup 
Healthcare  System  in  Boston, 
began  outsourcing  network  secu¬ 
rity  monitoring  to  Counterpane  in 
2001,  but  brought  those  functions 
back  inside  the  organization 
last  year. 

“Because  we’re  a  healthcare 
organization  it  was  essential  to 
develop  a  core  competency  in 
doing  network  security’  says 
Halamka,  who  estimates  his  net¬ 


work  is  attacked  about  every  7 
seconds  on  average.  “With  [the 
Health  Insurance  Portability  and 
Accountability  Act],  we  wanted 
to  have  our  own  internal  staff 
who  could  be  extraordinarily  vig¬ 
ilant  and  fleet  of  foot  to  respond 
to  issues  instantaneously  and 
constantly  advise  how  to  improve 
our  infrastructure  to  guard 
against  ever-wily  hackers.” 

It  was  access  to  this  type  of  ad¬ 
vice  that  was  part  of  the  reason 
why  financial  publisher  Bowne  & 
Co.  in  New  York  outsourced  its  IDS 
monitoring  to  Internet  Security 
Systems  (ISS). 

“We  have  a  good  mix  of  in- 
house  expertise  and  good  stan¬ 
dard  operating  procedures  and  a 
service  that  has  been  reasonably 
priced  and  has  given  us  access  to 
additional  expertise  that  has 
been  quite  helpful,”  says  Ruth 
Harenchar,  Bowne’s  CIO. 

Last  month,  Credit  Suisse  in 
Zurich,  Switzerland,  announced 
that  it  was  outsourcing  security 
for  the  first  time,  entering  into  a 
three-year  contract  with  Ubizen 
to  monitor  the  bank’s  IDS. 

“Monitoring  and  administering 
an  intrusion-detection  system  in  a 
complex  IT  environment  requires 
specialized  know-how,  which 
must  be  available  24-7  and  con¬ 
tinuously  updated,”  says  Ralph 
Holbein,  chief  information  securi¬ 
ty  officer  for  Credit  Suisse. “This  is 
very  challenging  as  well  as  costly 
and,  obviously  not  a  core  func¬ 
tion  of  a  financial  institution.” 

Holbein  wouldn’t  say  how 
much  Credit  Suisse  is  saving  by 
outsourcing  its  IDS  monitoring, 
but  says  that  having  access  to 
Ubizen’s  expertise  will  “increase 
the  quality  and  effectiveness  of 
our  security’  Savings  come  from 
being  able  to  reallocate  IT  staff, 


eliminating  the  need  to  add  IT 
staff  as  security  needs  increase, 
for  example. 

That’s  what  EMI  was  looking  for 
when  it  outsourced  some  of  its 
security  functions  about  a  year 
and  a  half  ago. The  music  giant  in 
New  York  found  that  as  its  online 
business  grew,  so  too  did  the 
demands  on  its  internal  IT  staff. 

“We  had  put  firewall  technolo¬ 
gies  in  place  and  we  were  manag¬ 
ing  them  ourselves,  but  we  weren’t 
happy  with  the  service  level  we 
were  able  to  provide  internally’ 
says  Jim  Russo,  senior  director  of 
network  services  at  EMI. 

So  the  company  turned  its  fire¬ 
walls  and  related  technology, 
such  as  intrusion  detection,  over 
to  ISS. 

“While  we’re  the  largest  pure 
music  company  globally  and 
operate  in  50  countries,  we’re  on 
a  very  thinly  funded  model,” 
Russo  says.“The  ability  to  run  true 
24-7  operations  with  rapid  re- 
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sponse  to  the  changing  Internet 
environment  was  more  than  we 
could  budgetarily  design.  We  had 
to  look  at  partners.” 

For  Gene  Fredriksen,  vice  presi¬ 
dent  of  information  security  for 
Raymond  James  Financial  in  St. 
Petersburg,  Fla.,  the  point  of  out¬ 
sourcing  IDS  with  VeriSign  is  to 
augment  his  internal  security  pro¬ 
cedures.  VeriSign  handles  some 
IDS  monitoring  for  Raymond 
James,  but  IDS  monitoring  also  is 
conducted  internally 

“One  of  the  things  that  is  impor¬ 
tant  for  information  security  is  to 
do  external  validations  and  ex¬ 
pand  the  sphere  of  intelligence 
that  you  gather]’ Fredriksen  says.“If 
all  your  security  functions  are 
internal  and  you  don’t  have  a 
metric  for  someone  to  look  at  you 
from  the  outside, you’re  missing  a 
big  piece.” 

Theresa  Grant,  director  of  infor¬ 
mation  security  at  Dow  Chem¬ 
ical  Company  in  Midland,  Mich., 
says  the  bottom  line  is  that  com¬ 
panies  can  expect  benefits  from 
outsourcing  security  because  of 
the  expertise  they’ll  gain  access 
to,  but  that  they  have  to  be  vigi¬ 
lant  about  how  the  service  is 
delivered. 

“Companies should  ...consider 
their  decision  to  outsource  secu¬ 
rity  in  terms  of  their  organiza¬ 
tion’s  overall  outsourcing  strate¬ 
gy,  and  determine  if  their  internal 
audit  organization  has  the  tools 
or  capacity  necessary  to  manage 
the  outsourcing  relationship,” she 
says.  “Companies  can’t  take  for 
granted  the  importance  of  moni¬ 
toring  activity;  provisions  must 
be  made  to  ensure  that  compa¬ 
nies  get  the  services  they  are 
paying  for.”  ■ 
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Separation  anxiety 

Reluctant  to  do  so  in  the  past,  enterprise  users  are 
considering  handing  off  security  functions  to  outside 
providers.  Some  things  to  consider: 


Pros: 

•  Time  saver:  Figure  what  can  be  safely  handed  off —  intrusion 
detection,  for  example  —  and  then  deploy  IT  resources  on  more- 
critical  security  issues. 

•  Ready  reports:  A  service  provider  can  get  an  audit  and  reporting 
process  up  and  running  quickly. 

•  Deep  expertise:  By  using  an  outsourcer,  corporations  get  access 
to  security  expertise  they  might  not  be  able  to  afford  in-house. 


Cons: 

*  Vendor  viability:  Consolidation  continues  in  the  managed 
security  service  provider  market  so  take  extra  time  to  check  out 
a  vendor's  financial  credentials. 

*  Finding  a  match:Turning  over  a  critical  function  to  a  service 
provider  can  result  in  sleepless  nights.  If  you  don't  consider  the 
service  provider  a  partner,  things  could  take  a  bad  turn. 

*  Setting  a  safety  net:  If  you  don't  have  the  expertise  in-house 
to  address  issues  that  might  come  up  with  the  outsourcer,  there 

could  be  trouble. 
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continued  from  page  1 

A  panel  of  members  with  expe¬ 
rience  implementing  VoIP  plan  to 
share  what  they’ve  learned. 

Like  California,  some  other 
states  report  savings,  but  the 
major  force  behind  VoIP  adop¬ 
tion  is  support  for  particular 
applications  that  IP  handles  bet¬ 
ter  than  traditional  systems,  par¬ 
ticularly  call  centers.  For  exam¬ 
ple,  New  Jerseys  telecom  services 
agency  is  offering  its  first  VoIP  ser¬ 
vice,  managed  IP  call  centers  for 
departments  whose  traditional 
gear  is  worn  out,  says  David 
Blackwell,  telecom  manager  for 
the  Office  of  Information 
Technology. 

Blackwell  says  the  first  potential 
customers,  the  departments  of 
commerce  and  human  services, 
are  considering  linking  to  the 
state’s  lone  Avaya  S8700  VoIP 
media  server  to  support  small  call 
centers  by  installing  remote  ex¬ 
tensions  of  the  media  server  in 
each  department.  Without  the  IP 
technology,  each  department 
would  have  to  buy  its  own  PBX 
and  call-center  software,  he  says. 

The  IP  call  center  makes  it  sim¬ 
pler  to  distribute  the  centers 
across  the  state  in  a  way  tradi¬ 
tional  call-center  gear  cannot,  he 
says.  So  if  a  center  in  northern 
New  Jersey  was  swamped  with 
calls,  adding  on  a  call  center  in 


the  south  would  just  be  a  matter 
of  entering  the  IP  addresses  of  the 
phones  in  the  southern  center  to 
the  list  of  phones  associated  with 
the  northern  center,  he  says.  With 
a  traditional  PBX-based  call  cen¬ 
ter,  adding  and  removing  phones 
would  be  cumbersome. 

Meanwhile  down  in  Texas 

Texas  has  put  this  call-center 
flexibility  to  use  to  establish  a 
human  services  hotline  program 
in  which  citizens  dial  211  to  get 
information  about  programs. 
During  business  hours,  Cisco 
Call  Center  and  eLoyalty  call- 
center  software  route  calls  to  the 
nearest  of  25  area  information 
centers,  but  after-hours,  they 
route  them  to  the  few  informa¬ 
tion  centers  open  24  hours  per 
day.  The  state  estimates  an  80% 
savings  from  what  the  same  211 
system  would  cost  using  800 
numbers. 

The  same  equipment  could  be 
used  in  disasters  to  handle  over¬ 
flow  calls,  says  Jason  Shugg,  tele¬ 
com  specialist  for  the  Texas 
Health  and  Human  Services 
Commission.  If  a  hurricane  in 
Galveston,  say,  caused  a  spike  in 
calls  at  the  Houston  information 
center,  every  third  call  could  be 
routed  to  another  city  Or  calls  on 
hold  for  more  than  one  minute 
could  be  rerouted,  he  says. 

Similarly,  if  an  office  had  to  be 
evacuated, call  agents  could  take 


What  states  are  doing  with  VoIP 


VoIP  is  a  popular  technology  among  state  telecom  directors.  Here’s  a  sample  of  what 
some  are  doing: 


California:  Some  agencies  have 
IP  phones  for  internal  calls. 

Why  VoIP:  State  review  urges 
widespread  use  to  save  money. 
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Minnesota:  Call  centers;  new  agencies. 

Why  VoIP?:  Distribute  calls  to  appropriate 
agents  around  state;  lower  cost  of  wiring 
and  moves,  adds  and  changes. 


Texas:  VoIP  trunking  among  state 
agencies;  call  center  for  human 
services  information. 

Why  VoIP?:  Cost  savings;  ability  to  tie 
distant  sites  into  one  call  center. 


I . ) 


f 


.1,- 

Vr^'O 


their  phones  to  another  informa¬ 
tion  center,  plug  in  and  continue 
working,  he  says.  The  network 
would  recognize  the  phone’s  IP 
address. 

Texas  also  uses  VoIP  to  trunk 
traffic  between  state  agencies 
across  the  Texas  Agency  Network 
(TEXAN)  ATM  backbone,  says 
Brian  Kelly  assistant  director  of 
the  Texas  Telecommunications 
Services  Division.  Phone  calls 
from  Austin,  the  capital,  to  three 
other  cities  avoid  toll  fees  by 
using  TEXAN  instead  of  the  pub¬ 
lic  long-distance  phone  network, 


Netscape  upgrade  could 
attract  browser  converts 


■  BY  PHIL  HOCHMUTH 

The  emergence  last  week  of  a 
new  Netscape  browser  based  on 
open  source  technology  signals 
that  Microsoft’s  dominance  in  the 
browser  market  is  not  complete, 
observers  say. 

Some  users  are  opting  to  install 
Netscape  to  remedy  the  security 
shortcomings  in  Microsoft  Inter¬ 
net  Explorer.  But  with  more  than 
90%  of  Web  users  still  running  Inter¬ 
net  Explorer,  and  the  new  Windows  XP  Service  Pack 
2  software  addressing  many  browser  vulnerabilities, 
analysts  don’t  expect  any  revolution  in  the  market. 

AOL’s  new  Netscape  Navigator  7.2  is  the  first 
update  to  the  browser  in  more  than  a  year.  Netscape 
is  based  on  the  Mozilla  1.7  technology  New  features 
include  integration  with  AOL  Instant  Messenger, 
improved  print  previewing  and  tabbed  Web  brows¬ 
ing,  which  lets  users  have  multiple  Web  pages  open 
in  one  Window. 

AOL  acquired  Netscape  in  1998  for  $4.2  billion. 

Last  month,  Internet  Explorer  lost  a  percentage 


Microsoft  saw  its 
browser  market  share 
drop  from  95%  to  94% 
in  July. 

SOURCE;  WebSideStory.com 


point  of  market  share  to  Netscape, 
according  to  WebSideStorycom,  a 
company  that  tracks  Web  usage 
statistics.  Although  the  loss  didn’t 
mean  much  for  Microsoft  —  it 
dropped  from  95%  to  94%  —  the 
increase  was  significant  for 
Netscape;  even  though  its  net  gain 
was  only  1%  of  the  entire  market, 
usage  of  Netscape  was  up  26%  last 
month. 

“There’s  been  significant  growth 
for  non-Microsoft  browsers  lately 
says  Peter  O’Kelly  a  senior  analyst  with  Burton 
Group.  The  growth  might  be  attributed  to  improve¬ 
ments  in  Netscape  and  other  browsers,  as  well  as  a 
growing  concern  about  Microsoft’s  vulnerabilities. 

But  this  probably  isn’t  the  start  of  a  major  market 
shift,  O’Kelly  adds. 

“Competition  is  good,”  he  says.“Now  that  there  are 
compelling  alternatives  [to  Internet  Explorer] ,  that 
puts  the  onus  back  on  Microsoft  to  keep  investing  in 
its  browser  technology’ 

The  IDG  News  Service  contributed  to  this  report. 


he  says.The  state  says  it  will  save 
enough  money  over  1 1  months 
to  pay  back  VoIP  equipment 
costs,  Kelly  says. 

But  toll  bypass  is  not  a  guaran¬ 
teed  way  to  save  money,  says 
Jack  Ries,  project  manager  for 
Minnesota’s  InterTechnologies 
Group. 

A  study  of  VoIP  to  carry  phone 
calls  among  state  facilities  over 
Minnesota’s  ATM  backbone 
showed  that  cost  savings,  while 
possible,  might  not  materialize. 
The  cost  of  equipment,  upgrad¬ 
ing  access  lines  and  reassigning 
access  codes  would  all  eat  into 
potential  savings,  he  says.  “There 
may  be  cost  savings,”  he  says, “but 
with  cost  savings  alone,  you 
could  probably  not  justify  the 
cost  of  the  infrastructure  needed 
to  do  it.” 

In  the  best  case,  using  VoIP  for 
intercity  calls  could  avoid 
$870,000  per  year  in  toll  calls, 
based  on  the  study. This  includes 
trunking  Minneapolis/St.  Paul- 
bound  calls  to  a  public  phone 
network  gateway  in  the  twin 
cities  where  terminating  them 
would  be  free. 

While  the  state  has  doubts 
about  VoIP  trunking,  there  is  a 
push  to  convert  all  state  call  cen¬ 
ters  to  IP  within  the  next  year, 
Ries  says,  if  budgets  allow.  The 
attraction  is  the  ability  to  distrib¬ 
ute  call  agents  geographically 
inexpensively,  he  says. 

Alaska  warms  up  to  VoIP 

Alaska  was  an  early  supporter 
of  VoIP  and  had  plans  to  install  a 
pilot  program  of  269  Cisco  voice 
phones  more  than  a  year  ago,  but 
the  project  ran  afoul. 

The  service  provider  to  which 
the  state  had  outsourced  its  tele 
com  network  failed  to  use 


New  Jersey:  Call  centers 
being  set  up. 

Why  VoIP:  Centralize  call 
center  management, 
distribute  agents  statewide. 


Cisco’s  best  practices,  and  the 
system  didn’t  work.  The  replace¬ 
ment  provider  fixed  the  prob¬ 
lems,  and  the  state  is  looking  to 
expand  its  VoIP  use. 

In  Anchorage,  the  state  is  build¬ 
ing  new  facilities  and  outfitting 
them  with  Category  5e  and  6 
wiring  that  has  the  characteris¬ 
tics  specified  by  the  IEEE  to  sup¬ 
port  VoIP  “It’s  more  cost-effective 
to  deploy  voice  over  IP  because 
of  reduced  wiring  costs  and 
lower  ongoing  operations  costs,” 
says  Stan  Herrera,  Alaska’s  CTO. 

VoIP  also  has  proved  useful  in 
backing  up  a  failing  PBX  and 
voice  mail  system,  Herrera  says. 
The  state  office  building  in 
Juneau  was  hit  by  lightning  earl¬ 
ier  this  year  and  the  strike  dis¬ 
rupted  the  voice  mail  system 
attached  to  its  Nortel  PBX.  In  the 
future,  if  the  Nortel  voice  mail 
dies,  the  Cisco  Unity  voice  mail 
system  associated  with  the  VoIP 
gear  used  in  the  new  buildings 
can  back  it  up. 

The  phones  still  will  be  run  by 
the  PBX,  but  the  VoIP  voice  mail 
will  handle  voice  messages.The 
Meridian  phone  sets  will  be 
rerouted  through  that  Unity 
voice  mail,”  he  says. 

Herrera  says  that  ultimately 
one  voice/data  network  should 
be  built  for  state  government. 

“We  really  believe  convergence 
is  right  for  Alaska,”  he  says.  “The 
high  cost  of  telecommunications 
in  the  state  and  large  geographic 
expanses  are  challenges  for  us.  It 
makes  sense  to  distribute  more  of 
the  technology  over  a  single  net¬ 
work  vs.  three  separate  ones.  I’m 
sure  it  will  show  a  return  on 
investment.”  ■ 


Get  more  information  online. 
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ollowing  last  week’s  rant  about 
music  industry  lawyers  running 
amok,  reader  Mark  Brusch 
chided  me:“Well,  it’s  almost  two  years 
later  and  I  will  ask  again:  Do  you  feel 
up  to  organizing  these  people  for  the 
fight  or  do  you  want  to  sit  back  again 
and  change  the  subject?” 

One  of  the  best  ways  to  be  heard  is  by  joining  the 
Electronic  Frontier  Foundation  (EFF).  If  there  is  any 
group  addressing  the  addressable  when  it  comes  to 
issues  that  concern  the  online  world,  the  EFF  is  the 
one  that  gets  my  support  and  my  money 
Through  the  EFF  I  have  a  voice  because  it  is  orga¬ 
nized  by  sensible,  intelligent  people,  and  there  is 
strength  in  numbers.  If  a  significant  number  of 
BackSpin  readers  subscribed  to  the  EFF  we’d  be  a 
force  to  be  reckoned  with  that  would  eclipse  the 
petty,  partisan  interests  and  dogma  of  the  bureau¬ 
crats  and  big  media  conglomerates. 

On  another  topic,  reader  Tom  Graly  couldn’t  help 
but  throw  down  the  gauntlet  as  well:“Somehow  over 
the  years  I’ve  come  to  expect  you  to  jump  on  major 
violations  of  common  sense.  Though  your  common 
sense  isn’t  always  mine,  that’s  OK.  [ Network  World] 
has  run  front-page  stories  on  the  FDA  and  medical 
device  makers  for  the  last  two  weeks  with  nary  a 
word  from  BackSpin. . .  .While  1  sympathize  with  the 


hospitals  going  after  the  device  suppliers  because 
that  is  the  only  recourse  they  have,  the  FDA  needs  to 
go  to  the  source  of  the  problem,  not  the  victims.” 

So  the  medical  services  community  is  ticked  off  by 
medical  equipment  vendors’  tardiness  in  upgrading 
operating  systems  that  run  their  equipment.  Network 
World's  story  last  week  said, “hospital  IT  administra¬ 
tors  are  voicing  complaints  that  manufacturers  are 
failing  to  patch  Windows-based  equipment  quickly 
or  at  all,  which  then  fall  prey  to  computer  worms.” 

So  the  gripe  from  Billy-Bob  Medical  Service  is  that 
the  version  of  Windows  that  runs  the  gazillion-dollar 
ventro-fibriculating  diastolyic  gazornenplatz  isn’t 
being  patched  fast  enough  and  Billy-Bob  is  worrying 
about  the  risks.  What  a  load  of  bull. 

Let’s  be  realistic:  Device  makers  are  quite  justifiably 
worried  about  upgrading  operating  systems  without 
extensive  testing  —  something  that  is  arguably  just 
this  side  of  impossible  to  do  if  you  are  looking  for 
verifiably  secure,  reliable  operation.  But  the  fear  is 
that  the  risk  of  these  devices  being  compromised  by 
malware  and  hackers  is  not  trivial. 

OK,  so  say  device  vendors  do  that  magical  some¬ 
thing  and  equipment  still  suffers  a  malfunction 
because  a  patch  or  upgrade  causes  instability,  or 
despite  enhanced  security  and  reliability,  a  device 
gets  infected  and  a  patient  dies. 

Don’t  you  think  that  all  concerned  would  take 


legal  action  against  the  device  vendor,  the  hospital 
and  the  guy  who  makes  the  coffee  in  the  hospital 
canteen  whether  or  not  the  equipment  vendor  has 
instigated  an  upgrade? 

What  really  chaps  my  butt  is  the  idea  that  device 
vendors  are  somehow  responsible  for  the  environ¬ 
ment  that  their  devices  are  deployed  in!  Don’t  pre¬ 
tend  the  equipment  vendor  is  somehow  the  bad  guy 
when  you  put  the  device  in  an  unsafe  environment. 

If  the  equipment  can’t  be  upgraded  to  be  reliable 
in  your  environment  then  either  replace  the  damn 
thing  with  equipment  that  is,  or  protect  it. 

Put  pressure  on  vendors  involved,  but  don’t  expect 
them  to  carry  your  liability  They  have  businesses  to 
run  just  as  you  do.  If  they  don’t  want  to  upgrade  and 
you  decide  to  go  with  another  vendor  then  tough  on 
them  and  good  for  you. 

If  it  is  the  other  way  around  and  you  can’t  or  don’t 
want  to  find  another  vendor,  and  your  existing  ven¬ 
dor  won’t  upgrade,  then  shut  the  hell  up.  You  want 
to  complain?  Complain  to  everyone.  If  none  of  them 
can  produce  something  that  is  acceptable  then  any 
or  all  of  them  are  the  ones  to  beat  up.  But  be  pre¬ 
pared  to  pay  for  what  you  want. 

Better  still,  beat  yourself  up. You  wanted  it  cheap 
and  now. 

Self-flagellation  to  backspin@gibbs.com 
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Readers  vote  ‘nay' 

Network  World  readers  get  it,  even  if 
the  people  who  run  elections  do  not. 

A  diatribe  here  two  weeks  ago  about  the  unchecked  perils  of  electronic  vot¬ 
ing  machines  focused  on  the  disconnect  between  an  almost  universal  concern 
on  the  part  of  computer  security  professionals  and  a  general  lack  of  same  on 
the  part  of  the  public.  As  might  be  expected  given  the  audience  of  this  publica¬ 
tion,  reader  e-mail  about  that  column  sided  largely  with  the  worriers. 

"I  am  a  .Net  Web  developer  and  everything  that  I've  heard  about  e-voting  has 
me  scared,"  writes  Wes  Virnelson.  “I  like  the  idea  of  using  a  paper  absentee 
ballot  to  make  sure  my  vote  is  really  counted  or  rather  could  be  re-counted. 
What  I  can't  figure  out  is  why  e-voting  machine  manufacturers  thought  that  a 
voting  system  with  no  paper  trail  was  a  good  idea.  It  defies  logic  —  especially 
after  the  Florida  fiasco.” 

It  does  defy  logic  in  every  way  except  one:  money.  Buyers  of  the  newfangled 
devices  contend  they  will  save  taxpayer  dollars  —  a  disputed  contention  —  and 
makers  of  the  machines  need  no  more  motivation  than  the  prospect  of  turning 

a  buck. 

“It  would  be  nice  to  have  a  voting  machine  present  me  with  a  nice  GUI  with 
large  buttons,"  Virnelson  continues.  “Couldn’t  the  machine  punch  a  card  and 
then  verify  two  or  three  times  that  it  was  accurately  punched?  Couldn’t  the 
machine  then  drop  the  card  into  a  ballot  box  inside  it?  Couldn’t  the  electronic 
version  of  the  ballot  be  used  to  tally  votes  quickly,  but  the  punched  paper  ballot 
be  used  as  the  ‘official’  vote? 

“Technology  is  great,  but  the  old  saying  holds  true:To  err  is  human,  but  it 
takes  a  computer  to  really  mess  things  up.” 

Add  politicians  to  that  mix  and,  well,  you  get  the  mess  we’re  in  at  the 
moment:  a  bitterly  contested  presidential  election  two  months  away  and  the 


all-too-real  prospect  that  voters  —  especially  those  backing  the  eventual  loser 
—  will  not  trust  the  announced  results.  If  the  Electoral  College  tally  should 
come  down  to  the  margin  of  a  single  state  that  lacks  the  ability  to  conduct  a 
full  recount,  we’ll  be  fortunate  if  our  democracy  survives  to  sort  it  all  out  in 
time  for  2008. 

“A  real  bottom-line  analysis  is  that  there  are  six  statutes,  reviews  and  inde¬ 
pendent  audits  that  Las  Vegas  [gaming]  machines  must  go  through  periodic¬ 
ally,”  writes  Ron  Radick,  “but  not  one  for  e-voting.  Wow.” 

Of  course,  the  people  who  run  Las  Vegas  know  full  well  that  nothing  would  kill 
their  golden  goose  faster  than  the  gambling  public  reaching  the  conclusion  — 
right  or  wrong  —  that  the  games  are  literally  rigged,  as  opposed  to  merely 
stacked  to  the  advantage  of  the  house.  Yet  somehow  the  people  who  run  elec¬ 
tions  in  this  country  have  failed  to  grasp  that  simple  concept  and  are  in  many 
locales  barreling  ahead  with  e-voting  schemes  that  provide  no  meaningful 
protection  against  fraud,  most  importantly,  a  paper  trail  to  be  recounted  if 
necessary. 

Radick  also  offered  up  a  trio  of  Web  sites  that  anyone  interested  in  this  topic 
should  peruse:  www.verifiedvoting.org, www.eff.org/e-vote  and  http://black 
boxvoting.com. 

It’s  nice  to  know  that  some  of  you  are  stepping  up  to  fight  this  madness. 

“I  have  been  trying  to  do  my  part  to  inform  the  election  powers  that  be  by 
forwarding  URLs  referenced  in  a  weekly  SANS  newsletter  that  deal  with 
e-voting  to  the  state  of  Wyoming's  Secretary  of  State's  office,"  writes  Rob 
Mitchell.  “As  far  as  I  know  this  has  had  a  positive  impact  in  that  the  state 
hasn’t  deployed  electronic  voting  systems.Thanks  for  spreading  the  word. 
Hopefully,  more  IT  folks  will  educate  the  political  folks  about  the  dangers  of 
e-voting.” 

All  this  ranting  is  bad  for  my  blood  pressure.  I’m  off  for  two  weeks  of  vacay. 
Postcards  to  buzz@nww.com. 
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NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one. 
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Managed,  24-Port 

Layer  2  Switch 

✓ 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

DSU/CSU 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

1  Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5-Year  Warranty 

✓ 

Introducing  the  NetVanta  1 224STR  from  ADTRAN . 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN/LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN ’s  new  NetVanta  1000  Series  is  backed  by  a 
100%  satisfaction  guarantee,  including  unlimited  technical  support, 
free firmware  upgrades,  and  a  5-year  warranty. 


Register  to  win  a  free  NetVanta  1224STR  now! 
www.adtran.  com/info/wirmetvanta  1 224 


Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 
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877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


The  NetVanta  Series 


NetVanta  1000  Series 
Integrated  Switch/Router  Platforms 
Managed  Layer  2  Ethernet  Switches 


_ 


NetVanta  2000  Series 
Firewalls/VPN 


NetVanta  3000  Series 
IP  Routers 


The  Network  Access  Company 


Aotmri 


Copyright©2004  ADTRAN,  Inc.  All  rights  reserved.  ADTRAN  and  NetVanta  are  registered  trademarks  of  ADTRAN,  Inc. 
Five-year  warranty  applies  in  North  America  and  Europe.  EN70C072604NW 


BrightStor®  ARCserve®  Backup  Release  11 

Faster  and  easier  to  use  than  ever.  ' 

When  it  comes  to  data  backup  and  recovery,  you  want  a  reliable,  high-performance  solution  you 
can  count  on.  That's  why  we've  created  BrightStor  ARCserve  Backup  Release  11,  featuring  the 
very  latest  in  storage  innovations.  BrightStor  ARCserve  Backup  is  faster  and  easier  than  ever, 
enhancing  both  efficiency  and  productivity.  And  with  CA's  superior  technology,  you  can  be 
confident  your  files  are  properly  backed  up  and  will  easily  be  restored  should  a  disaster  occur. 
For  more  information,  go  to  ca.com/storage/arcserve. 


Free  trial  of  BrightStor 
ARCserve  Backup  Release  11. 
Visit  ca.com/storage/arcserve 
or  call  1-866-558-2798. 
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